Automated Search for Vulnerabilities in ARM Software Using Dynamic Symbolic Execution

被引:1
|
作者
Ovasapyan, T. D. [1 ]
Knyazev, P., V [1 ]
Moskvin, D. A. [1 ]
机构
[1] Peter Great St Petersburg Polytech Univ, St Petersburg 195251, Russia
来源
AUTOMATIC CONTROL AND COMPUTER SCIENCES | 2021年 / 55卷 / 08期
基金
俄罗斯基础研究基金会;
关键词
symbolic execution; ARM architecture; taint analysis; Internet of Things; cyberphysical systems; fuzzing; NETWORKS;
D O I
10.3103/S014641162108023X
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Automated search for vulnerabilities in ARM IoT devices is considered. The problems of using symbolic execution for vulnerability detection are investigated. A dynamic symbolic execution approach with taint analysis is proposed to improve the efficiency of vulnerability detection, which eliminates the problems that arise when using classical symbolic execution.
引用
收藏
页码:932 / 940
页数:9
相关论文
共 50 条
  • [21] Embedded software verification using symbolic execution and uninterpreted functions
    Currie, D
    Feng, XS
    Fujita, M
    Hu, AJ
    Kwan, M
    Rajan, S
    INTERNATIONAL JOURNAL OF PARALLEL PROGRAMMING, 2006, 34 (01) : 61 - 91
  • [22] Embedded Software Verification Using Symbolic Execution and Uninterpreted Functions
    David Currie
    Xiushan Feng
    Masahiro Fujita
    Alan J. Hu
    Mark Kwan
    Sreeranga Rajan
    International Journal of Parallel Programming, 2006, 34 : 61 - 91
  • [23] Using dynamic symbolic execution to improve deductive verification
    Vanoverberghe, Dries
    Bjorner, Nikolaj
    de Halleux, Jonathan
    Schulte, Wolfram
    Tillmann, Nikolai
    MODEL CHECKING SOFTWARE, PROCEEDINGS, 2008, 5156 : 9 - 25
  • [24] Using Metamorphic Testing to Improve Dynamic Symbolic Execution
    Alatawi, Eman
    Miller, Tim
    Sondergaard, Harald
    2015 24TH AUSTRALASIAN SOFTWARE ENGINEERING CONFERENCE (ASWEC 2015), 2015, : 38 - 47
  • [25] SOFTWARE SPECIALIZATION VIA SYMBOLIC EXECUTION
    COENPORISINI, A
    DEPAOLI, F
    GHEZZI, C
    MANDRIOLI, D
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1991, 17 (09) : 884 - 899
  • [26] Efficient symbolic execution for software testing
    Kinder, Johannes
    2014 FORMAL METHODS IN COMPUTER-AIDED DESIGN (FMCAD), 2014, : 5 - 5
  • [27] Deconstructing Dynamic Symbolic Execution
    Ball, Thomas
    Daniel, Jakub
    DEPENDABLE SOFTWARE SYSTEMS ENGINEERING, 2015, 40 : 26 - 41
  • [28] Augmented Dynamic Symbolic Execution
    Jamrozik, Konrad
    Fraser, Gordon
    Tillmann, Nikolai
    de Halleux, Jonathan
    2012 PROCEEDINGS OF THE 27TH IEEE/ACM INTERNATIONAL CONFERENCE ON AUTOMATED SOFTWARE ENGINEERING (ASE), 2012, : 254 - 257
  • [29] Dynamic Symbolic Execution for Polymorphism
    Li, Lian
    Lu, Yi
    Xue, Jingling
    CC'17: PROCEEDINGS OF THE 26TH INTERNATIONAL CONFERENCE ON COMPILER CONSTRUCTION, 2017, : 120 - 130
  • [30] Combining Search-based Testing and Dynamic Symbolic Execution by Evolvability Metric
    Zhu, Ziming
    Jiao, Li
    Xu, Xiong
    PROCEEDINGS 2018 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION (ICSME), 2018, : 59 - 68
12345