Ruoyu Wang scite author profile

Abstract-Memory corruption vulnerabilities are an everpresent risk in software, which attackers can exploit to obtain unauthorized access to confidential information. As products with access to sensitive data are becoming more prevalent, the number of potentially exploitable systems is also increasing, resulting in a greater need for automated software vetting tools. DARPA recently funded a competition, with millions of dollars in prize money, to further research focusing on automated vulnerability finding and patching, showing the importance of research in this area. Current techniques for finding potential bugs include static, dynamic, and concolic analysis systems, which each having their own advantages and disadvantages. A common limitation of systems designed to create inputs which trigger vulnerabilities is that they only find shallow bugs and struggle to exercise deeper paths in executables.We present Driller, a hybrid vulnerability excavation tool which leverages fuzzing and selective concolic execution in a complementary manner, to find deeper bugs. Inexpensive fuzzing is used to exercise compartments of an application, while concolic execution is used to generate inputs which satisfy the complex checks separating the compartments. By combining the strengths of the two techniques, we mitigate their weaknesses, avoiding the path explosion inherent in concolic analysis and the incompleteness of fuzzing. Driller uses selective concolic execution to explore only the paths deemed interesting by the fuzzer and to generate inputs for conditions that the fuzzer cannot satisfy. We evaluate Driller on 126 applications released in the qualifying event of the DARPA Cyber Grand Challenge and show its efficacy by identifying the same number of vulnerabilities, in the same time, as the top-scoring team of the qualifying event.

show abstract

SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis

Shoshitaishvili

et al. 2016

View full text Add to dashboard Cite

Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-level, semantically rich information about data structures and control constructs makes the analysis of program properties harder to scale. However, the importance of binary analysis is on the rise. In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. In this paper, we present a binary analysis framework that implements a number of analysis techniques that have been proposed in the past. We present a systematized implementation of these techniques, which allows other researchers to compose them and develop new approaches. In addition, the implementation of these techniques in a unifying framework allows for the direct comparison of these approaches and the identification of their advantages and disadvantages. The evaluation included in this paper is performed using a recent dataset created by DARPA for evaluating the effectiveness of binary vulnerability analysis techniques. Our framework has been open-sourced and is available to the security community.

show abstract

TSC1 controls macrophage polarization to prevent inflammatory disease

et al. 2014

View full text Add to dashboard Cite

Macrophages acquire distinct phenotypes during tissue stress and inflammatory responses, but the mechanisms that regulate the macrophage polarization are poorly defined. Here we show that tuberous sclerosis complex 1 (TSC1) is a critical regulator of M1 and M2 phenotypes of macrophages. Mice with myeloid-specific deletion of TSC1 exhibit enhanced M1 response and spontaneously develop M1-related inflammatory disorders. However, TSC1-deficient mice are highly resistant to M2-polarized allergic asthma. Inhibition of the mammalian target of rapamycin (mTOR) fails to reverse the hypersensitive M1 response of TSC1-deficient macrophages, but efficiently rescues the defective M2 polarization. Deletion of mTOR also fails to reverse the enhanced inflammatory response of TSC1-deficient macrophages. Molecular studies indicate that TSC1 inhibits M1 polarization by suppressing the Ras GTPase-Raf1-MEK-ERK pathway in mTOR-independent manner, whereas TSC1 promotes M2 properties by mTOR-dependent CCAAT/enhancer-binding protein-b pathways. Overall, these findings define a key role for TSC1 in orchestrating macrophage polarization via mTOR-dependent and independent pathways.

show abstract

Photoluminescence mechanism of carbon dots: triggering high-color-purity red fluorescence emission through edge amino protonation

et al. 2021

View full text Add to dashboard Cite

Due to complex structure and surface functionalities, photoluminescence mechanisms of Carbon Dots are unknown, and it is challenging to synthesize Carbon Dots to achieve the desired optical properties. Herein, Carbon Dots simultaneously exhibiting high-color-purity (FWHM~24 nm) long wavelength one-photon fluorescence emission at 620 nm and NIR induced two-photon fluorescence emission at 630 and 680 nm are prepared by edge amino protonation treatment. Systematic analysis reveals that the protonation of 2,3-diaminophenazine changes the molecular state of Carbon Dots, decreases the photon transition band gap, and triggers red fluorescence emission with the dramatically narrowed peak width. As the oxidation products of reactant o-phenylendiamine, the emergence of 2,3-diaminophenazine as a photoluminescence determiner suggests that fluorophore products of precursor conversion are viable determinants of the desired luminescence properties of Carbon Dots. This work shows a new way for predicting and controlling photoluminescence properties of Carbon Dots, and may guide the development of tunable Carbon Dots for a broad range of applications.

show abstract

Virulence Gene Regulation by the agr System in Clostridium perfringens

et al. 2009

View full text Add to dashboard Cite

A gram-positive anaerobic pathogen, Clostridium perfringens, causes clostridial myonecrosis or gas gangrene in humans by producing numerous extracellular toxins and enzymes that act in concert to degrade host tissue. The agr system is known to be important for the regulation of virulence genes in a quorum-sensing manner in Staphylococcus aureus. A homologue for S. aureus agrBD (agrBD Sa ) was identified in the C. perfringens strain 13 genome, and the role of C. perfringens agrBD (agrBD Cp ) was examined. The agrBD Cp knockout mutant did not express the theta-toxin gene, and transcription of the alpha-and kappa-toxin genes was also significantly decreased in the mutant strain. The mutant strain showed a recovery of toxin production after the addition of the culture supernatant of the wild-type strain, indicating that the agrBD Cp mutant lacks a signal molecule in the culture supernatant. An agr-virR double-knockout mutant was constructed to examine the role of the VirR/VirS two-component regulatory system, a key virulence regulator, in agrBD Cp -mediated regulation of toxin production. The double-mutant strain could not be stimulated for toxin production with the wild-type culture supernatant. These results indicate that the agrBD Cp system plays an important role in virulence regulation and also suggest that VirR/VirS is required for sensing of the extracellular signal and activation of toxin gene transcription in C. perfringens.Clostridium perfringens is a gram-positive, spore-forming, anaerobic bacterium. C. perfringens is the causative agent of several human and animal diseases, including clostridial myonecrosis, or gas gangrene (7). C. perfringens produces various extracellular enzymes and toxins, including alpha-, theta-, and kappa-toxins encoded by plc, pfoA, and colA, respectively (21). These toxin genes are positively regulated by the two-component VirR/VirS system (25) that is a major regulator of virulence in C. perfringens.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ruoyu Wang

Driller: Augmenting Fuzzing Through Selective Symbolic Execution

SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis

TSC1 controls macrophage polarization to prevent inflammatory disease

Photoluminescence mechanism of carbon dots: triggering high-color-purity red fluorescence emission through edge amino protonation

Virulence Gene Regulation by the agr System in Clostridium perfringens

Contact Info

Product

Resources

About