Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
8-2019
Abstract
Locating vulnerabilities is an important task for security auditing, exploit writing, and code hardening. However, it is challenging to locate vulnerabilities in binary code, because most program semantics (e.g., the boundaries of an array) are missing after compilation. Without program semantics, it is difficult to determine whether a memory access in binary code exceeds its valid boundaries. In this work, we propose an approach to locate vulnerabilities based on memory layout recovery. First, we collect a set of passed executions and one failed execution. Then, for both the passed and the failed executions, we restore their program semantics by recovering fine-grained memory layouts based on the memory addressing model. Using the memory layouts recovered from the passed executions as a reference, we locate vulnerabilities in the failed execution by memory layout identification and comparison. Our experiments show that the proposed approach effectively locates vulnerabilities in 24 out of 25 DARPA CGC programs (96%), and can effectively classify 453 program crashes (in 5 Linux programs) into 19 groups based on their root causes.
Keywords
Reverse Engineering, Software Vulnerability, Program Analysis
Discipline
Software Engineering
Research Areas
Software and Cyber-Physical Systems
Publication
Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Tallinn, Estonia, August 26-30
First Page
718
Last Page
728
ISBN
9781450355728
Identifier
10.1145/3338906.3338966
Publisher
Association for Computing Machinery
City or Country
Tallinn, Estonia
Citation
WANG, Haijun; XIE, Xiaofei; LIN, Shang-Wei; LIN, Yun; LI, Yuekang; QIN, Shengchao; LIU, Yang; and LIU, Ting.
Locating vulnerabilities in binaries via memory layout recovering. (2019). Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Tallinn, Estonia, August 26-30. 718-728.
Available at: https://ink.library.smu.edu.sg/sis_research/7066
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.