Automated exploit generation for stack buffer overflow vulnerabilities

An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:Programming and computer software Ročník 41; číslo 6; s. 373 - 380
Hlavní autori: Padaryan, V. A., Kaushan, V. V., Fedotov, A. N.
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Moscow Pleiades Publishing 01.11.2015
Springer Nature B.V
Predmet:
Artificial Intelligence
Buffers
Computer Science
Operating Systems
Software Engineering
Software Engineering/Programming and Operating Systems
Memory Location
Address Space
Symbolic Execution
Abnormal Termination
Binary Code
ISSN:0361-7688, 1608-3261
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and does not require debug information. The proposed method was used to develop a tool for exploit generation. This tool was used to generate exploits for eight vulnerabilities in Linux and Windows programs, of which three were not fixed at the time this paper was written.
Bibliografia:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0361-7688
1608-3261
DOI:10.1134/S0361768815060055