MACKE: Compositional analysis of low-level vulnerabilities with symbolic execution

Bibliographic details
Published in: Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, pp. 780-785
Main authors: Ognawala, Saahil; Ochoa, Martin; Pretschner, Alexander; Limmer, Tobias
Format: Conference paper
Language: English
Publication details: ACM 01.09.2016
Description
Summary: Concolic (concrete+symbolic) execution has recently gained popularity as an effective means to uncover non-trivial vulnerabilities in software, such as subtle buffer overflows. However, symbolic execution tools that are designed to optimize statement coverage often fail to cover potentially vulnerable code because of complex system interactions and scalability issues of constraint solvers. In this paper, we present a tool (MACKE) that is based on the modular interactions inferred by static code analysis, which is combined with symbolic execution and directed inter-procedural path exploration. This provides an advantage in terms of statement coverage and ability to uncover more vulnerabilities. Our tool includes a novel feature in the form of interactive vulnerability report generation that helps developers prioritize bug fixing based on severity scores. A demo of our tool is available at https://youtu.be/icC3jc3mHEU.
DOI: 10.1145/2970276.2970281