Institutional Repository
| Heuristic path pruning algorithm based on error handling pattern recognition in detecting vulnerability | |
| Chen, Dong (1); Zhang, Yang (1); Cheng, Liang (1); Deng, Yi (1); Sun, Xiaoshan (1) | |
| 2013 | |
| Conference Name | 2013 IEEE 37th Annual Computer Software and Applications Conference Workshops, COMPSACW 2013 |
| Pages | 95-100 |
| Conference Date | July 22, 2013 - July 26, 2013 |
| Conference Place | Kyoto, Japan |
| Indexed Type | CPCI ; EI |
| Publish Place | IEEE Computer Society, 2001 L Street N.W., Suite 700, Washington, DC 20036-4928, United States |
| ISSN | 7303157 |
| ISBN | 9780769549873 |
| Department | (1) Institute of Software, Chinese Academy of Sciences, Beijing, China |
| English Abstract | Using symbolic execution in path sensitive detection of software vulnerabilities develop quickly recently. It has a lot of application and research progress. However, symbolic execution still suffers from the scalability problem in practice, especially when applied to large scale or very complex programs. In this paper, we propose a new heuristic path pruning algorithm based on non-fatal error handling(NFEH) pattern recognition. Firstly, it use three patterns to recognize NFEH module in binary code and then stop analyzing NFEH branches when using symbolic execution. To demonstrate the effectiveness of this new approach, we have implemented a prototype tool PrunEbt based on a binary static integer vulnerability detecting tool (Statictaint). Experimental results are quite encouraging. PrunEbt can effectively recognize NFEH modules in binary program, significantly reduce the search space and have no omissions of true vulnerabilities. At last, it has detected one zero-day integer vulnerability in widely used image recognition library Libpng v1.5.13. © 2013 IEEE.; Using symbolic execution in path sensitive detection of software vulnerabilities develop quickly recently. It has a lot of application and research progress. However, symbolic execution still suffers from the scalability problem in practice, especially when applied to large scale or very complex programs. In this paper, we propose a new heuristic path pruning algorithm based on non-fatal error handling(NFEH) pattern recognition. Firstly, it use three patterns to recognize NFEH module in binary code and then stop analyzing NFEH branches when using symbolic execution. To demonstrate the effectiveness of this new approach, we have implemented a prototype tool PrunEbt based on a binary static integer vulnerability detecting tool (Statictaint). Experimental results are quite encouraging. PrunEbt can effectively recognize NFEH modules in binary program, significantly reduce the search space and have no omissions of true vulnerabilities. At last, it has detected one zero-day integer vulnerability in widely used image recognition library Libpng v1.5.13. © 2013 IEEE. |
| Keyword | Symbolic Execution Path Pruning Error Handling Binary Code Vulnerability Detection |
| Language | 英语 |
| Content Type | 会议论文 |
| URI | http://ir.iscas.ac.cn/handle/311060/16542 |
| Collection | 中国科学院软件研究所 |
| Recommended Citation GB/T 7714 | Chen, Dong ,Zhang, Yang ,Cheng, Liang ,et al. Heuristic path pruning algorithm based on error handling pattern recognition in detecting vulnerability[C]. IEEE Computer Society, 2001 L Street N.W., Suite 700, Washington, DC 20036-4928, United States,2013:95-100. |
| Files in This Item: | There are no files associated with this item. | |||||
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.
Edit Comment