Zobrazeno 1 - 10
of 245
pro vyhledávání: '"ВЫПОЛНЕНИЕ"'
Autor:
N.A. Kamensky
Publikováno v:
Российско-азиатский правовой журнал, Iss 2, Pp 40-46 (2019)
Рассматриваются вопросы международного и зарубежного правового регулирования ответственности за злоупотребление полномочиями в комм
Externí odkaz:
https://doaj.org/article/efc8c11916e049e8ae1d37d3bcbca534
Autor:
M. A. Solovev, M. G. Bakulin, M. S. Gorbachev, D. V. Manushin, V. A. Padaryan, S. S. Panasenko
Publikováno v:
Труды Института системного программирования РАН, Vol 30, Iss 6, Pp 39-68 (2019)
A lot of binary code analysis tools do not work directly with machine instructions, instead relying on an intermediate representation from the binary code. In this paper, we first analyze problems in binary code analysis that benefit from such an IR
Externí odkaz:
https://doaj.org/article/262e8f7b72194830bb81c96c7baaab78
Publikováno v:
Труды Института системного программирования РАН, Vol 27, Iss 2, Pp 105-126 (2018)
In this paper memory violation detection method is considered. This method applied to program binaries, without requiring debug information. It allows to find such memory violations as out-of-bound read or writing in some buffer. The technique is bas
Externí odkaz:
https://doaj.org/article/0c86da8c4dc94563b83f59f4b4c3bf55
Publikováno v:
Труды Института системного программирования РАН, Vol 29, Iss 6, Pp 151-162 (2018)
Approaches for code execution using program vulnerabilities are considered in this paper. Particularly, ways of code execution using buffer overflow on stack and on heap, using use-after-free vulnerabilities and format string vulnerabilities are exam
Externí odkaz:
https://doaj.org/article/2ec8c31f79304039b139803d830d9462
Autor:
A. . Dergachev, A. . Sidorin
Publikováno v:
Труды Института системного программирования РАН, Vol 28, Iss 1, Pp 41-62 (2018)
A specific approach to summary-based interprocedural symbolic execution is described. The approach is suitable for analysis of program source code developed with high-level programming languages and allows executing arbitrarily complex checks during
Externí odkaz:
https://doaj.org/article/3299b07a12134cc98ad43cbb4a8644d4
Autor:
A. N. Fedotov, V. A. Padaryan, V. V. Kaushan, Sh. F. Kurmangaleev, A. V. Vishnyakov, A. R. Nurmukhametov
Publikováno v:
Труды Института системного программирования РАН, Vol 28, Iss 5, Pp 73-92 (2018)
This paper introduces a refined method for automated exploitability evaluation of found program bugs. During security development lifecycle a significant number of crashes is detected in programs. Because of limited resources, bug fixing is time cons
Externí odkaz:
https://doaj.org/article/780fab3d5b864726ba1c9c61ef84c057
Autor:
A. N. Fedotov
Publikováno v:
Труды Института системного программирования РАН, Vol 28, Iss 4, Pp 137-148 (2018)
The method for exploitability estimation of program bugs is presented. Using this technique allows to prioritize software bugs that were found. Thus, it gives an opportunity for a developer to fix bugs, which are most security critical at first. The
Externí odkaz:
https://doaj.org/article/edd2cc9433d04fc6824a9f2a2942a030
Autor:
V. K. Koshelev
Publikováno v:
Труды Института системного программирования РАН, Vol 28, Iss 5, Pp 105-118 (2018)
This paper is devoted to the formalization of the error criteria for program static analysis, based on symbolic execution. Using the original error criteria of symbolic execution approach in program static analysis leads to an excessive number of fal
Externí odkaz:
https://doaj.org/article/986e575172764cb9818526244d3305a4
Autor:
A. V. Kozachok, E. V. Kochetkov
Publikováno v:
Труды Института системного программирования РАН, Vol 29, Iss 6, Pp 7-24 (2018)
The article represented the technical implementation of the system of verified program code execution. The functional purpose of this system is to investigate arbitrary executable files of the operating system in the absence of source codes in order
Externí odkaz:
https://doaj.org/article/992fcebd900641cb83f3efe2fa42b98e
Autor:
V. V. Kaushan
Publikováno v:
Труды Института системного программирования РАН, Vol 28, Iss 5, Pp 135-144 (2018)
Buffer overflows are one of the most common and dangerous software errors. Exploitation of such errors can lead to an arbitrary code execution and system disclosure. This paper considers a method for detecting memory violations. The method is based o
Externí odkaz:
https://doaj.org/article/b61e98dd6aa649138178fcf508f09234