Abstract | ||
---|---|---|
In this pager we describe a new approach using symbolic execution to exploit windows applications, and the approach is implemented in the tool Ewap. Instead of fuzzing applications with randomly or semi-randomly constructed input, Ewap generates new inputs automatically to steer applications to follow different execution paths and detects security violations dynamically, which maximizes the code coverage and improves the exploiting efficiency. Based on a Dynamic Binary Monitor Platform (DBMP), Ewap analyzes and instruments the binary codes of target applications dynamically. During the execution process, the instrumented code traces data flows with an improved taint analysis mechanism and accomplishes two tasks: 1) generating path constraints used for symbolic execution, 2) detecting security violations. During the implementing of Ewap, the key technologies including IR-based instrumentation, taint analysis mechanism, symbolic execution and violations detection are introduced and adopted. We implement some experiments on several benchmarks, and the experimental data demonstrate that Ewap is reasonable in overhead and improves the code coverage and exploiting efficiency. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1109/CSIE.2009.544 | CSIE (7) |
Keywords | Field | DocType |
symbolic execution,binary code,code coverage,instrumented code traces data,exploit windows applications,target applications dynamically,detects security violations dynamically,execution process,ewap analyzes,tool ewap,different execution path,data flow,binary codes,data mining,testing,security,code instrumentation,taint analysis | Code coverage,Fuzz testing,Computer science,Real-time computing,Taint checking,Pager,Symbolic execution,Artificial intelligence,Computer engineering,Instrumentation (computer programming),Binary code,Exploit,Machine learning | Conference |
Citations | PageRank | References |
1 | 0.35 | 11 |
Authors | ||
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Jianmin Chen | 1 | 895 | 28.70 |
Hui Shu | 2 | 5 | 2.86 |
Xiaobing Xiong | 3 | 13 | 1.80 |