Automated Search for Vulnerabilities in ARM Software Using Dynamic Symbolic Execution

被引:1
|
作者
Ovasapyan, T. D. [1 ]
Knyazev, P., V [1 ]
Moskvin, D. A. [1 ]
机构
[1] Peter Great St Petersburg Polytech Univ, St Petersburg 195251, Russia
来源
AUTOMATIC CONTROL AND COMPUTER SCIENCES | 2021年 / 55卷 / 08期
基金
俄罗斯基础研究基金会;
关键词
symbolic execution; ARM architecture; taint analysis; Internet of Things; cyberphysical systems; fuzzing; NETWORKS;
D O I
10.3103/S014641162108023X
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Automated search for vulnerabilities in ARM IoT devices is considered. The problems of using symbolic execution for vulnerability detection are investigated. A dynamic symbolic execution approach with taint analysis is proposed to improve the efficiency of vulnerability detection, which eliminates the problems that arise when using classical symbolic execution.
引用
收藏
页码:932 / 940
页数:9
相关论文
共 50 条
  • [31] Identifying Privilege Separation Vulnerabilities in IoT Firmware with Symbolic Execution
    Yao, Yao
    Zhou, Wei
    Jia, Yan
    Zhu, Lipeng
    Liu, Peng
    Zhang, Yuqing
    COMPUTER SECURITY - ESORICS 2019, PT I, 2019, 11735 : 638 - 657
  • [32] Improving Search-based Test Suite Generation with Dynamic Symbolic Execution
    Galeotti, Juan Pablo
    Fraser, Gordon
    Arcuri, Andrea
    2013 IEEE 24TH INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING (ISSRE), 2013, : 360 - 369
  • [33] FlawCheck: Detecting Smart Contract Vulnerabilities Based on Symbolic Execution
    Gou, Naixiang
    Zhao, Xiangfu
    Wang, Shiji
    Zhang, Hanfeng
    Yang, Jiahui
    SECURITY AND PRIVACY, 2025, 8 (02):
  • [34] Integration Testing of Software Product Lines Using Compositional Symbolic Execution
    Shi, Jiangfan
    Cohen, Myra B.
    Dwyer, Matthew B.
    FUNDAMENTAL APPROACHES TO SOFTWARE ENGINEERING, FASE 2012, 2012, 7212 : 270 - 284
  • [35] Dynamic Symbolic Execution of Java']Java Programs Using JNI
    Vartanov, Sergey
    2017 ELEVENTH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE AND INFORMATION TECHNOLOGIES (CSIT), 2017, : 83 - 86
  • [36] Shadow Symbolic Execution for Testing Software Patches
    Kuchta, Tomasz
    Palikareva, Hristina
    Cadar, Cristian
    ACM TRANSACTIONS ON SOFTWARE ENGINEERING AND METHODOLOGY, 2018, 27 (03)
  • [37] Software Vulnerabilities' Detection by Analysing Application Execution Traces
    Koala, Gouayon
    Bassole, Didier
    Tiendrebeogo, Telesphore
    Sie, Oumarou
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2023, 14 (06) : 1288 - 1294
  • [38] Distributed Symbolic Execution for Binary Software Testing
    Wu, Bo
    Li, Mengjun
    Zhang, Bin
    Zhang, Quan
    Tang, Chaojing
    2014 IEEE WORKSHOP ON ELECTRONICS, COMPUTER AND APPLICATIONS, 2014, : 618 - 621
  • [39] TracerX: Dynamic symbolic execution with interpolation
    Jaffar, Joxan
    Maghareh, Rasool
    Godboley, Sangharatna
    Ha, Xuan-Linh
    arXiv, 2020,
  • [40] Dynamic Path Pruning in Symbolic Execution
    Chen, Ying-Shen
    Chen, Wei-Ning
    Wu, Che-Yu
    Hsiao, Hsu-Chun
    Huang, Shih-Kun
    2018 IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING (DSC), 2018, : 123 - 130
12345