Vulnerability Analysis for X86 Executables Using Genetic Algorithm and Fuzzing

Guang-Hong, Liu; Wu, Gang; Zheng, Tao; Shuai, Jianmei; Zhuo-Chun, Tang

doi:10.1109/iccit.2008.9

Cited by 15 publications

(5 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Song and his team have presented the BitBlaze method for the analysis of malicious software [39] . Liu and his colleagues have identified vulnerabilities in x86 programs using obfuscation methods and genetic algorithms [40] . Kroes and his team have provided automatic detection methods for memory management errors using Delta pointers [41] .…”

Section: Literature Reviewmentioning

confidence: 99%

Detection of Buffer Overflow Attacks with Memoization-based Rule Set

Özger,

Öztekİn

2023

j. of Comput. sci. res.

View full text Add to dashboard Cite

Different abnormalities are commonly encountered in computer network systems. These types of abnormalities can lead to critical data losses or unauthorized access in the systems. Buffer overflow anomaly is a prominent issue among these abnormalities, posing a serious threat to network security. The primary objective of this study is to identify the potential risks of buffer overflow that can be caused by functions frequently used in the PHP programming language and to provide solutions to minimize these risks. Static code analyzers are used to detect security vulnerabilities, among which SonarQube stands out with its extensive library, flexible customization options, and reliability in the industry. In this context, a customized rule set aimed at automatically detecting buffer overflows has been developed on the SonarQube platform. The memoization optimization technique used while creating the customized rule set enhances the speed and efficiency of the code analysis process. As a result, the code analysis process is not repeatedly run for code snippets that have been analyzed before, significantly reducing processing time and resource utilization. In this study, a memoization-based rule set was utilized to detect critical security vulnerabilities that could lead to buffer overflow in source codes written in the PHP programming language. Thus, the analysis process is not repeatedly run for code snippets that have been analyzed before, leading to a significant reduction in processing time and resource utilization. In a case study conducted to assess the effectiveness of this method, a significant decrease in the source code analysis time was observed.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Detection of Buffer Overflow Attacks with Memoization-based Rule Set

Özger,

Öztekİn

2023

j. of Comput. sci. res.

View full text Add to dashboard Cite

show abstract

“…Dowser [19] and offset-aware fuzzing [39] use a combination of taint analysis and symbolic execution to generate overflow-inducing inputs. However, gray-box fuzzing techniques [25], [31], [38] require access to the runtime state of the target program making them unsuitable for embedded devices. DIFUZE [10] uses the interface information extracted using static analysis for fuzzing mobile kernel drivers.…”

Section: Related Workmentioning

confidence: 99%

Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware

Redini

Machiry

Wang

et al. 2020

2020 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Low-power, single-purpose embedded devices (e.g., routers and IoT devices) have become ubiquitous. While they automate and simplify many aspects of users' lives, recent large-scale attacks have shown that their sheer number poses a severe threat to the Internet infrastructure. Unfortunately, the software on these systems is hardware-dependent, and typically executes in unique, minimal environments with non-standard configurations, making security analysis particularly challenging. Many of the existing devices implement their functionality through the use of multiple binaries. This multi-binary service implementation renders current static and dynamic analysis techniques either ineffective or inefficient, as they are unable to identify and adequately model the communication between the various executables. In this paper, we present KARONTE, a static analysis approach capable of analyzing embedded-device firmware by modeling and tracking multi-binary interactions. Our approach propagates taint information between binaries to detect insecure interactions and identify vulnerabilities. We first evaluated KARONTE on 53 firmware samples from various vendors, showing that our prototype tool can successfully track and constrain multi-binary interactions. This led to the discovery of 46 zero-day bugs. Then, we performed a large-scale experiment on 899 different samples, showing that KARONTE scales well with firmware samples of different size and complexity.

show abstract

“…Genetic Algorithms. The most frequently used ML technique for input generation is the genetic algorithm (GA) [13,14,17,28,30]. GAs, a type of unsupervised ML inspired by biological evolution, provide the core algorithms in evolutionary fuzzers.…”

Section: Input Generationmentioning

confidence: 99%

A Review of Machine Learning Applications in Fuzzing

Saavedra,

Rodhouse,

Dunlavy

et al. 2019

Preprint

View full text Add to dashboard Cite

Fuzzing has played an important role in improving software development and testing over the course of several decades. Recent research in fuzzing has focused on applications of machine learning (ML), offering useful tools to overcome challenges in the fuzzing process. This review surveys the current research in applying ML to fuzzing. Specifically, this review discusses successful applications of ML to fuzzing, briefly explores challenges encountered, and motivates future research to address fuzzing bottlenecks.

show abstract

Vulnerability Analysis for X86 Executables Using Genetic Algorithm and Fuzzing

Cited by 15 publications

References 8 publications

Detection of Buffer Overflow Attacks with Memoization-based Rule Set

Detection of Buffer Overflow Attacks with Memoization-based Rule Set

Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware

A Review of Machine Learning Applications in Fuzzing

Contact Info

Product

Resources

About