Title of invention: DETECTING VULNERABILITY TO RESOURCE EXHAUSTION
Abstract: In an aspect of managing resource exhaustion, a method includes receiving program code that is configured for generating a random number, where the generating is identified as vulnerable to resource exhaustion. The method also includes identifying a statement in the program code at which the value of a variable associated with the generating of the random number is affected, inserting hooking code at the statement for monitoring the variable, and running the program code in a plurality of iterations in which the consumption level of the resource is varied. The method further includes monitoring the plurality of values the variable takes across the iterations, executing a regression analysis on those values, and returning the root cause of the vulnerability.
Publication number: US2015096032(A1) Publication date: 2015.04.02
Application number: US201314040819 Filing date: 2013.09.30
Applicant: International Business Machines Corporation Inventors: Hay Roee; Saltzman Roi; Tripp Omer
Classification: G06F21/57 Main classification: G06F21/57
Agency: Agent:
Independent claim: 1. A computer-implemented method for managing resource exhaustion, the method comprising: receiving a program code that is configured for generating a random number, the generating being identified as vulnerable to a resource exhaustion; identifying a statement in the program code at which a value of a variable associated with the generating of the random number is affected; inserting a hooking code in the statement, the hooking code configured for monitoring the variable at the statement; running the program code in a plurality of iterations, wherein a consumption level of the resource is varied in the plurality of iterations; monitoring, by the hooking code, a plurality of values of the variable in the plurality of iterations, as a result of the running; executing a regression analysis on the plurality of values, the regression analysis resulting in an entropy number; comparing the entropy number to an expected level of entropy; and returning an identification of the statement as a result of identifying the entropy number as being not within the expected level of entropy, thereby returning a root cause of the vulnerability.
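The abstract and the independent claim describe the same workflow: hook the variables that feed random-number generation, run the program repeatedly while varying how much of a resource is consumed, regress the observed entropy against the consumption level, and flag the earliest statement whose entropy number falls outside the expected level. The following harness is an added illustration and is not code from the patent or from IBM; the program under test (generate_session_id), the statement identifiers S1 and S2, the resource model with a 100-unit budget, the seeded stand-in for a fresh entropy source, and the 5-bit expected entropy threshold are all constructed assumptions.

```python
"""Added example (not the patent's own code): a small harness mimicking the claimed
workflow.  generate_session_id(), statement ids S1/S2, the resource model and the
entropy threshold are constructed for illustration."""
import math
import random
from collections import Counter, defaultdict

CAPACITY = 100          # constructed resource budget (arbitrary units)
SAMPLES_PER_LEVEL = 64  # iterations run at each consumption level
EXPECTED_BITS = 5.0     # hypothetical expected level of entropy at full consumption

_fresh = random.Random(20130930)   # deterministic stand-in for a fresh entropy source
_cache = {"seed": 0x5EED}          # value reused when the resource is exhausted


def generate_session_id(free_units, hook):
    """Constructed program under test: random-number generation whose seed
    quality degrades as the resource runs out (the vulnerability pattern)."""
    # Statement S1: a fresh seed is obtained only while free units remain, otherwise
    # a cached value is reused.  This is the statement the hooking code monitors.
    if _fresh.random() < free_units / CAPACITY:
        _cache["seed"] = _fresh.getrandbits(32)
    seed = _cache["seed"]
    hook("S1", "seed", seed)
    # Statement S2: the identifier is derived deterministically from the seed.
    session_id = random.Random(seed).getrandbits(32)
    hook("S2", "session_id", session_id)
    return session_id


class Monitor:
    """Hooking code: records each monitored variable value per statement and
    per consumption level."""
    def __init__(self):
        self.level = 0
        self.values = defaultdict(lambda: defaultdict(list))  # stmt -> level -> values

    def hook(self, statement, name, value):
        self.values[statement][self.level].append(value)


def shannon_bits(values):
    """Shannon entropy, in bits, of the observed value distribution."""
    counts = Counter(values)
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def linear_fit(xs, ys):
    """Least-squares line y = slope * x + intercept."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxx = sum((x - mx) ** 2 for x in xs)
    slope = sum((x - mx) * (y - my) for x, y in zip(xs, ys)) / sxx
    return slope, my - slope * mx


def run_iterations(levels=range(0, CAPACITY + 1, 10)):
    """Run the program under test at each consumption level and collect values."""
    mon = Monitor()
    for level in levels:
        mon.level = level
        for _ in range(SAMPLES_PER_LEVEL):
            generate_session_id(CAPACITY - level, mon.hook)
    return mon


def analyse(mon, expected_bits=EXPECTED_BITS):
    """Regress entropy against consumption level for each hooked statement.
    The entropy number is the fitted entropy at full exhaustion; statements whose
    number is below the expected level are flagged, earliest statement id first
    (statement ids are assumed to sort in program order)."""
    report = {}
    for statement in sorted(mon.values):
        levels = sorted(mon.values[statement])
        bits = [shannon_bits(mon.values[statement][lv]) for lv in levels]
        slope, intercept = linear_fit(levels, bits)
        entropy_number = slope * CAPACITY + intercept
        report[statement] = {
            "entropy_by_level": dict(zip(levels, bits)),
            "slope_bits_per_unit": slope,
            "entropy_number": entropy_number,
            "vulnerable": entropy_number < expected_bits,
        }
    flagged = [s for s in report if report[s]["vulnerable"]]
    return {"statements": report, "flagged": flagged,
            "root_cause": flagged[0] if flagged else None}


if __name__ == "__main__":
    result = analyse(run_iterations())
    for s, r in result["statements"].items():
        print(s, "entropy number %.2f bits" % r["entropy_number"],
              "VULNERABLE" if r["vulnerable"] else "ok")
    print("root cause:", result["root_cause"])
```

At zero consumption every iteration obtains a fresh 32-bit seed, so the 64 observed values are all distinct and the per-level entropy is close to 6 bits; at full consumption the cached seed is reused and the entropy is 0. The fitted line therefore has a negative slope and the predicted entropy at full exhaustion is far below the expected 5 bits, so both S1 and S2 are flagged and S1, the statement that first affects the variable, is reported as the root cause. In a real deployment the hook would be injected by instrumentation rather than passed as a parameter, and the consumption level would be driven by actually allocating the resource (memory, file descriptors, entropy pool) rather than by a simulated fraction.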
Address: Armonk NY US