Automated exploit generation for stack buffer overflow vulnerabilities

An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and...

Full description

Saved in:
Bibliographic Details
Published in:Programming and computer software Vol. 41; no. 6; pp. 373 - 380
Main Authors: Padaryan, V. A., Kaushan, V. V., Fedotov, A. N.
Format: Journal Article
Language:English
Published: Moscow Pleiades Publishing 01.11.2015
Springer Nature B.V
Subjects:
Artificial Intelligence
Buffers
Computer Science
Operating Systems
Software Engineering
Software Engineering/Programming and Operating Systems
Memory Location
Address Space
Symbolic Execution
Abnormal Termination
Binary Code
ISSN:0361-7688, 1608-3261
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:An automated method for exploit generation is presented. This method allows one to construct exploits for stack buffer overflow vulnerabilities and to prioritize software bugs. The method is based on the dynamic analysis and symbolic execution of programs. It could be applied to program binaries and does not require debug information. The proposed method was used to develop a tool for exploit generation. This tool was used to generate exploits for eight vulnerabilities in Linux and Windows programs, of which three were not fixed at the time this paper was written.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0361-7688
1608-3261
DOI:10.1134/S0361768815060055