Static Detection of Vulnerabilities in x86 Executables

14 years 5 months ago

Download www.acsac.org

In the last few years, several approaches have been proposed to perform vulnerability analysis of applications written in high-level languages. However, little has been done to automatically identify security-relevant ﬂaws in binary code. In this paper, we present a novel approach to the identiﬁcation of vulnerabilities in x86 executables in ELF binary format. Our approach is based on static analysis and symbolic execution techniques. We implemented our approach in a proof-of-concept tool and used it to detect taint-style vulnerabilities in binary code. The results of our evaluation show that our approach is both practical and effective.

Marco Cova, Viktoria Felmetsger, Greg Banks, Giova

Real-time Traffic

ACSAC 2006 | Binary Code | ELF Binary Format | Security Privacy | Symbolic Execution Techniques |

claim paper

Post Info
More Details (n/a)

Added	10 Jun 2010
Updated	10 Jun 2010
Type	Conference
Year	2006
Where	ACSAC
Authors	Marco Cova, Viktoria Felmetsger, Greg Banks, Giovanni Vigna

Comments (0)

Sciweavers

Static Detection of Vulnerabilities in x86 Executables

ACSAC 2006 | Binary Code | ELF Binary Format | Security Privacy | Symbolic Execution Techniques |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers