RELEASE: Generating Exploits Using Loop-Aware Concolic Execution

Authors: Bing-Han Li, S. Shieh
DOI: 10.1109/SSIRI.2011.31 (https://doi.org/10.1109/SSIRI.2011.31)
Venue: 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement
Publication date: 2011-06-27
Citation count: 4 (Semantic Scholar)
Open access: no

Abstract
Automatically finding vulnerabilities, and even generating exploits, is desirable for software testing. To protect intellectual property and copyright, the programs under test may lack source code and symbol-table information. Concolic execution is a novel technique that combines the fast execution speed of concrete execution with the wide test coverage of symbolic execution to discover and identify software bugs, including vulnerabilities. However, a serious limitation that concolic execution inherits from symbolic execution is its poor analysis of loops, a common programming construct. For instance, when the number of iterations depends on the inputs, the analysis cannot determine the program's possible execution paths. In this paper, we propose a new concolic execution technique, loop-aware concolic execution, for testing software and analyzing loop-related variables with fewer execution steps. With the novel technique, not only linear relations but also some polynomial recurrence relations in a loop can be handled. To demonstrate the effectiveness of the technique, we developed a concolic analyzer, called RELEASE, to discover buffer-overflow vulnerabilities in the testing benchmarks.