Name
Abstract | ||
|---|---|---|
Vulnerability analysis aims to detect programming flaws inside software code in order to prevent their exploitation by external attackers, for instance by control-flow hijacking. One of the most challenging issues in vulnerability analysis is being able to distinguish between exploitable and nonexploitable flaws. In this work we propose a symbolic approach to assess the exploitability level of a path leading to a flaw. This approach operates on (disassembled) binary code and starts with the identification of “dangerous paths”, i.e., paths containing some patterns that depend on inputs. Then, we produce the corresponding path conditions augmented by symbolic constraints dedicated to exploitability. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/ICSTW.2013.33 | ICST Workshops |
Keywords | DocType | ISSN |
vulnerability analysis,path conditions,vulnerable flaw,exploitability,binary analysis,symbolic execution,software reliability,symbolic buffer overflow exploitability,programming flaws,nonexploitable flaw,control-flow hijacking,stack model,symbolic buffer overflow exploitability analysis,symbolic constraints,dangerous paths,memory model,symbolic exploit assistant,disassembled binary code,exploitability level,binary codes,symbolic-based approach,external attackers,constraint-satisfaction,software code,security of data,indexes,memory management,constraint satisfaction | Conference | 2159-4848 |
ISBN | Citations | PageRank |
978-1-4799-1324-4 | 1 | 0.37 |
References | Authors | |
6 | 4 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Gustavo Grieco | 1 | 70 | 5.08 |
| Laurent Mounier | 2 | 1187 | 79.54 |
| Marie-Laure Potet | 3 | 190 | 21.34 |
| Sanjay Rawat | 4 | 146 | 10.59 |