Date Added: Aug 2006
In the last few years, several approaches have been proposed to perform vulnerability analysis of applications written in high-level languages. However, little has been done to automatically identify security-relevant flaws in binary code. In this paper, the authors present a novel approach to the identification of vulnerabilities in x86 executables in ELF binary format. Their approach is based on static analysis and symbolic execution techniques. They implemented their approach in a proof-of-concept tool and used it to detect taint-style vulnerabilities in binary code. The results of their evaluation show that their approach is both practical and effective.