期刊名称:International Journal of Advanced Research in Computer Engineering & Technology (IJARCET)
印刷版ISSN:2278-1323
出版年度:2012
卷号:1
期号:10
页码:091-093
出版社:Shri Pannalal Research Institute of Technolgy
摘要:Dynamic loading is an important mechanism for software development. It allows an application, the flexibility to dynamically link a component and use its exported functionalities. Dynamic loading is a mechanism by which a computer program can, at run time, load a library into memory, retrieve the addresses of functions and variables contained in the library, execute those functions or access those variables, and unload the library from memory. An effective dynamic analysis to detect vulnerable and unsafe dynamic component loadings is proposed. This work introduces the first automated technique to detect and analyze vulnerabilities and errors related to the dynamic component loading. This analysis has two phases: 1) Online Phase to apply dynamic binary instrumentation to collect runtime information on component loading , and 2) Offline Phase to analyze the collected information to detect vulnerable component loadings . The technique uses a set of practical tools for detecting unsafe component loadings on Microsoft Windows and Linux. An extensive analysis of unsafe component loadings on various types of popular software has been conducted.
