MACKE: Compositional analysis of low-level vulnerabilities with symbolic execution

Concolic (concrete+symbolic) execution has recently gained popularity as an effective means to uncover non-trivial vulnerabilities in software, such as subtle buffer overflows. However, symbolic execution tools that are designed to optimize statement coverage often fail to cover potentially vulnerab...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering s. 780 - 785
Hlavní autoři: Ognawala, Saahil, Ochoa, Martin, Pretschner, Alexander, Limmer, Tobias
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: ACM 01.09.2016
Témata:
Complex systems
Compositional analysis
Computer bugs
Engines
Memory management
Scalability
Security
Software
Symbolic execution
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Concolic (concrete+symbolic) execution has recently gained popularity as an effective means to uncover non-trivial vulnerabilities in software, such as subtle buffer overflows. However, symbolic execution tools that are designed to optimize statement coverage often fail to cover potentially vulnerable code because of complex system interactions and scalability issues of constraint solvers. In this paper, we present a tool (MACKE) that is based on the modular interactions inferred by static code analysis, which is combined with symbolic execution and directed inter-procedural path exploration. This provides an advantage in terms of statement coverage and ability to uncover more vulnerabilities. Our tool includes a novel feature in the form of interactive vulnerability report generation that helps developers prioritize bug fixing based on severity scores. A demo of our tool is available at https://youtu.be/icC3jc3mHEU.
DOI:10.1145/2970276.2970281