Static Detection of Vulnerabilities in X86 Executables

Free registration required

Executive Summary

In the last few years, several approaches have been proposed to perform vulnerability analysis of applications written in high-level languages. However, little has been done to automatically identify security-relevant flaws in binary code. In this paper, the authors present a novel approach to the identification of vulnerabilities in x86 executables in ELF binary format. Their approach is based on static analysis and symbolic execution techniques. They implemented their approach in a proof-of-concept tool and used it to detect taint-style vulnerabilities in binary code. The results of their evaluation show that their approach is both practical and effective.

  • Format: PDF
  • Size: 321.76 KB