Static Detection of Vulnerabilities in x86 Executables

Authors:
Marco Cova;Viktoria Felmetsger;Greg Banks;Giovanni Vigna
Affiliations:
University of California, Santa Barbara, USA;University of California, Santa Barbara, USA;University of California, Santa Barbara, USA;University of California, Santa Barbara, USA
Venue:
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
Year:
2006

Citing 0
Cited 10

A Smart Fuzzer for x86 Executables

SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
WYSINWYX: What you see is not what you eXecute

ACM Transactions on Programming Languages and Systems (TOPLAS)
Low-level library analysis and summarization

CAV'07 Proceedings of the 19th international conference on Computer aided verification
Improved memory-access analysis for x86 executables

CC'08/ETAPS'08 Proceedings of the Joint European Conferences on Theory and Practice of Software 17th international conference on Compiler construction
Checksum-Aware Fuzzing Combined with Dynamic Taint Analysis and Symbolic Execution

ACM Transactions on Information and System Security (TISSEC)
Directed proof generation for machine code

CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Hunting application-level logical errors

ESSoS'12 Proceedings of the 4th international conference on Engineering Secure Software and Systems
SymDrive: testing drivers without devices

OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Generalized vulnerability extrapolation using abstract syntax trees

Proceedings of the 28th Annual Computer Security Applications Conference
Chucky: exposing missing checks in source code for vulnerability discovery

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In the last few years, several approaches have been proposed to perform vulnerability analysis of applications written in high-level languages. However, little has been done to automatically identify security-relevant flaws in binary code. In this paper, we present a novel approach to the identification of vulnerabilities in x86 executables in ELF binary format. Our approach is based on static analysis and symbolic execution techniques. We implemented our approach in a proof-of-concept tool and used it to detect taint-style vulnerabilities in binary code. The results of our evaluation show that our approach is both practical and effective.