Abstract
Validating whether a vulnerability is exploitable is at the core of vulnerability analysis technology. To overcome the limitations of manually reproducing and exploiting vulnerabilities, automatic vulnerability exploitation technology has made preliminary progress. This paper presents an overview of the field of automatic vulnerability exploitation and classifies current automatic exploit generation methods into three categories: patch comparison schemes, control-flow-oriented schemes, and data-flow-oriented schemes. For each category it introduces the core principle, process, and research status, summarizes the advantages and limitations, and proposes directions for future research. This survey of automatic software vulnerability exploitation can provide theoretical guidance for future research work.
Supported by National University of Defense and Technology and National Natural Science Foundation No.61402492.
© 2018 Springer Nature Switzerland AG
Cite this paper
Tan, T., Wang, B., Xu, Z., Tang, Y. (2018). The New Progress in the Research of Binary Vulnerability Exploits. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science, vol 11064. Springer, Cham. https://doi.org/10.1007/978-3-030-00009-7_26
DOI: https://doi.org/10.1007/978-3-030-00009-7_26
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00008-0
Online ISBN: 978-3-030-00009-7