Patch-Related Vulnerability Detection Based on Symbolic Execution
نویسندگان
چکیده
منابع مشابه
Statically-Guided Fork-based Symbolic Execution for Vulnerability Detection
Fork-based symbolic execution would waste large amounts of computing time and resource on invulnerable paths when applied to vulnerability detection. In this paper, we propose a statically-guided fork-based symbolic execution technique for vulnerability detection to mitigate this problem. In static analysis, we collect all valid jumps along vulnerable paths, and define the priority for each pro...
متن کاملAutomata-based symbolic string analysis for vulnerability detection
Verifying string manipulating programs is a crucial problem in computer security. String operations are used extensively within web applications to manipulate user input, and their erroneous use is the most common cause of security vulnerabilities in web applications. We present an automata-based approach for symbolic analysis of string manipulating programs. We use deterministic finite automat...
متن کاملA model-guided symbolic execution approach for network protocol implementations and vulnerability detection
Formal techniques have been devoted to analyzing whether network protocol specifications violate security policies; however, these methods cannot detect vulnerabilities in the implementations of the network protocols themselves. Symbolic execution can be used to analyze the paths of the network protocol implementations, but for stateful network protocols, it is difficult to reach the deep state...
متن کاملRedundant State Detection for Dynamic Symbolic Execution
Many recent tools use dynamic symbolic execution to perform tasks ranging from automatic test generation, finding security flaws, equivalence verification, and exploit generation. However, while symbolic execution is promising, it perennially struggles with the fact that the number of paths in a program increases roughly exponentially with both code and input size. This paper presents a techniq...
متن کاملTesting C Programs for Vulnerability Using Trace-Based Symbolic Execution and Satisfiability Analysis
Security testing has gained significant attention recently due to the huge number of attacks against software systems. This paper presents a novel security testing method using trace-based symbolic execution and satisfiability analysis. It reuses test cases generated from traditional functional testing to produce execution traces. An execution trace is a sequence of program statements exercised...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Access
سال: 2017
ISSN: 2169-3536
DOI: 10.1109/access.2017.2676161