HeapMD: Identifying heap-based bugs using anomaly detection

Trishul M. Chilimbi, Vinod Ganapathy

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

We present the design, implementation, and evaluation of HeapMD, a dynamic analysis tool that finds heap-based bugs using anomaly detection. HeapMD is based upon the observation that, in spite of the evolving nature of the heap, several of its properties remain stable. HeapMD uses this observation in a novel way: periodically, during the execution of the program, it computes a suite of metrics which are sensitive to the state of the heap. These metrics track heap behavior, and the stability of the heap reflects quantitatively in the values of these metrics. The "normal" ranges of stable metrics, obtained by running a program on multiple inputs, are then treated as indicators of correct behaviour, and are used in conjunction with an anomaly detector to find heap-based bugs. Using HeapMD, we were able to find 40 heap-based bugs, 31 of them previously unknown, in 5 large, commercial applications.

Original languageEnglish (US)
Pages (from-to)219-228
Number of pages10
JournalACM SIGPLAN Notices
Volume41
Issue number11
StatePublished - Nov 1 2006
Externally publishedYes

Fingerprint

Dynamic analysis
Detectors

All Science Journal Classification (ASJC) codes

  • Computer Science(all)

Cite this

Chilimbi, Trishul M. ; Ganapathy, Vinod. / HeapMD : Identifying heap-based bugs using anomaly detection. In: ACM SIGPLAN Notices. 2006 ; Vol. 41, No. 11. pp. 219-228.
@article{681969be8a654850bf8ba605ea92ca5f,
title = "HeapMD: Identifying heap-based bugs using anomaly detection",
abstract = "We present the design, implementation, and evaluation of HeapMD, a dynamic analysis tool that finds heap-based bugs using anomaly detection. HeapMD is based upon the observation that, in spite of the evolving nature of the heap, several of its properties remain stable. HeapMD uses this observation in a novel way: periodically, during the execution of the program, it computes a suite of metrics which are sensitive to the state of the heap. These metrics track heap behavior, and the stability of the heap reflects quantitatively in the values of these metrics. The {"}normal{"} ranges of stable metrics, obtained by running a program on multiple inputs, are then treated as indicators of correct behaviour, and are used in conjunction with an anomaly detector to find heap-based bugs. Using HeapMD, we were able to find 40 heap-based bugs, 31 of them previously unknown, in 5 large, commercial applications.",
author = "Chilimbi, {Trishul M.} and Vinod Ganapathy",
year = "2006",
month = "11",
day = "1",
language = "English (US)",
volume = "41",
pages = "219--228",
journal = "ACM SIGPLAN Notices",
issn = "1523-2867",
publisher = "Association for Computing Machinery (ACM)",
number = "11",

}

HeapMD : Identifying heap-based bugs using anomaly detection. / Chilimbi, Trishul M.; Ganapathy, Vinod.

In: ACM SIGPLAN Notices, Vol. 41, No. 11, 01.11.2006, p. 219-228.

Research output: Contribution to journalArticle

TY - JOUR

T1 - HeapMD

T2 - Identifying heap-based bugs using anomaly detection

AU - Chilimbi, Trishul M.

AU - Ganapathy, Vinod

PY - 2006/11/1

Y1 - 2006/11/1

N2 - We present the design, implementation, and evaluation of HeapMD, a dynamic analysis tool that finds heap-based bugs using anomaly detection. HeapMD is based upon the observation that, in spite of the evolving nature of the heap, several of its properties remain stable. HeapMD uses this observation in a novel way: periodically, during the execution of the program, it computes a suite of metrics which are sensitive to the state of the heap. These metrics track heap behavior, and the stability of the heap reflects quantitatively in the values of these metrics. The "normal" ranges of stable metrics, obtained by running a program on multiple inputs, are then treated as indicators of correct behaviour, and are used in conjunction with an anomaly detector to find heap-based bugs. Using HeapMD, we were able to find 40 heap-based bugs, 31 of them previously unknown, in 5 large, commercial applications.

AB - We present the design, implementation, and evaluation of HeapMD, a dynamic analysis tool that finds heap-based bugs using anomaly detection. HeapMD is based upon the observation that, in spite of the evolving nature of the heap, several of its properties remain stable. HeapMD uses this observation in a novel way: periodically, during the execution of the program, it computes a suite of metrics which are sensitive to the state of the heap. These metrics track heap behavior, and the stability of the heap reflects quantitatively in the values of these metrics. The "normal" ranges of stable metrics, obtained by running a program on multiple inputs, are then treated as indicators of correct behaviour, and are used in conjunction with an anomaly detector to find heap-based bugs. Using HeapMD, we were able to find 40 heap-based bugs, 31 of them previously unknown, in 5 large, commercial applications.

UR - http://www.scopus.com/inward/record.url?scp=33846478815&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33846478815&partnerID=8YFLogxK

M3 - Article

VL - 41

SP - 219

EP - 228

JO - ACM SIGPLAN Notices

JF - ACM SIGPLAN Notices

SN - 1523-2867

IS - 11

ER -