A Smart Fuzzer for x86 Executables / A. Lanzi, L. Martignoni, M. Monga, R. Paleari. In: SESS'07: Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems. Washington: IEEE Computer Society, 2007. ISBN 0769529526. pp. 7. (Paper presented at the 3rd International Workshop on Software Engineering for Secure Systems, held in Minneapolis, MN, USA, in 2007.) [10.1109/SESS.2007.1]

A Smart Fuzzer for x86 Executables

A. Lanzi; L. Martignoni; M. Monga; R. Paleari
2007

Abstract

The automatic identification of security-relevant flaws in binary executables is still a young but promising research area. In this paper, we describe a new approach to the identification of vulnerabilities in object code, which we call smart fuzzing. While conventional fuzzing uses random input to discover crash conditions, smart fuzzing restricts the input space using a preliminary static analysis of the program, which is then refined by monitoring each execution. In other words, the search is driven by a mix of static and dynamic analysis in order to steer the execution path toward selected corner cases that are the most likely to expose vulnerabilities, thus improving the effectiveness of fuzzing as a means of finding security flaws in black-box programs.
Sector INF/01 - Computer Science
2007
ACM SIGSOFT
IEEE Computer Society
Book Part (author)
Files in this item:
No files are associated with this item.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this item: https://hdl.handle.net/2434/39734
Citations
  • PMC: not available
  • Scopus: 18
  • ISI: not available