ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis

Cybersecurity

Table 10 Statistics of comparison experiment

Programs	CVE Numbers	ELAID			LAID			KINT
		Result	Time1(sec) (Vuln.Identif.)	Time2(sec) (Vuln.Filter)	Result	Time1(sec) (Vuln.Identif.)	Time2(sec) (Vuln.Filter)	Result	Analysis time(s)
gocr	2005-1141	\(\checkmark \)	3	< 1	\(\checkmark \)	2.1	11.8	x	1082
jasper	2011-4517	\(\checkmark \)	5	33	\(\checkmark \)	2.9	8.4	x	768.8
cpio	2014-9112	\(\checkmark \)	2	1	\(\checkmark \)	1.1	1.1	x	18.5
libexif	2016-6328	\(\checkmark \)	2	1	\(\checkmark \)	< 1	2.2	x	6.3
jbig2dec	2016-9601	\(\checkmark \)	5	108	\(\checkmark \)	< 1	1428	x	190.3
swftools	2017-16868	\(\checkmark \)	19	363	\(\checkmark \)	11.4	1466	x	1752
linux kernel	2019-14283	\(\checkmark \)	7766	3210	x	6567	3353	x	5563
	2018-13406	\(\checkmark \)			\(\checkmark \)			x
	2017-8924	\(\checkmark \)			x			x
	2016-9084	\(\checkmark \)			\(\checkmark \)			\(\checkmark \)
	2016-3135	\(\checkmark \)			\(\checkmark \)			x
	2014-9904	\(\checkmark \)			\(\checkmark \)			\(\checkmark \)
	2012-6703	\(\checkmark \)			\(\checkmark \)			\(\checkmark \)
	2012-0044	\(\checkmark \)			\(\checkmark \)			\(\checkmark \)