Automated exploit generation for stack buffer overflow vulnerabilities

An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Programming and computer software Jg. 41; H. 6; S. 373 - 380
Hauptverfasser: Padaryan, V. A., Kaushan, V. V., Fedotov, A. N.
Format: Journal Article
Sprache:Englisch
Veröffentlicht: Moscow Pleiades Publishing 01.11.2015
Springer Nature B.V
Schlagworte:
Artificial Intelligence
Buffers
Computer Science
Operating Systems
Software Engineering
Software Engineering/Programming and Operating Systems
Memory Location
Address Space
Symbolic Execution
Abnormal Termination
Binary Code
ISSN:0361-7688, 1608-3261
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and does not require debug information. The proposed method was used to develop a tool for exploit generation. This tool was used to generate exploits for eight vulnerabilities in Linux and Windows programs, of which three were not fixed at the time this paper was written.
Bibliographie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0361-7688
1608-3261
DOI:10.1134/S0361768815060055