Spotting Silent Buffer Overflows in Execution Trace through Graph Neural Network Assisted Data Flow Analysis
Zhilong Wang, Li Yu, Suhang Wang, Peng Liu

TL;DR
This paper introduces a novel GNN-based data flow analysis method to detect silent buffer overflows in execution traces, achieving high accuracy without source code and identifying vulnerabilities in various memory regions.
Contribution
The work presents the first general-purpose GNN approach for detecting silent buffer overflows in execution traces without source code dependency.
Findings
Achieves 94.39% accuracy on test data.
Locates 29 out of 30 real-world silent buffer overflows.
First method to detect silent overflows in global, stack, and heap variables.
Abstract
A software vulnerability could be exploited without any visible symptoms. When no source code is available, although such silent program executions could cause very serious damage, the general problem of analyzing silent yet harmful executions is still an open problem. In this work, we propose a graph neural network (GNN) assisted data flow analysis method for spotting silent buffer overflows in execution traces. The new method combines a novel graph structure (denoted DFG+) beyond data-flow graphs, a tool to extract DFG+ from execution traces, and a modified Relational Graph Convolutional Network as the GNN model to be trained. The evaluation results show that a well-trained model can be used to analyze vulnerabilities in execution traces (of previously-unseen programs) without support of any source code. Our model achieves 94.39% accuracy on the test data and successfully…
Taxonomy
Topics: Software System Performance and Reliability · Security and Verification in Computing · Software Engineering Research
