Automated exploit generation for stack buffer overflow vulnerabilities

An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Programming and computer software Ročník 41; číslo 6; s. 373 - 380
Hlavní autoři: Padaryan, V. A., Kaushan, V. V., Fedotov, A. N.
Médium: Journal Article
Jazyk:angličtina
Vydáno: Moscow Pleiades Publishing 01.11.2015
Springer Nature B.V
Témata:
Artificial Intelligence
Buffers
Computer Science
Operating Systems
Software Engineering
Software Engineering/Programming and Operating Systems
Memory Location
Address Space
Symbolic Execution
Abnormal Termination
Binary Code
ISSN:0361-7688, 1608-3261
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and does not require debug information. The proposed method was used to develop a tool for exploit generation. This tool was used to generate exploits for eight vulnerabilities in Linux and Windows programs, of which three were not fixed at the time this paper was written.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0361-7688
1608-3261
DOI:10.1134/S0361768815060055