![](/images/graphics-bg.png)
An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression
Joint Authors
Feng, Chao
Tang, Chaojing
Jiang, Zhiyuan
Source
Security and Communication Networks
Issue
Vol. 2018, Issue 2018 (31 Dec. 2018), pp.1-21, 21 p.
Publisher
Hindawi Publishing Corporation
Publication Date
2018-03-28
Country of Publication
Egypt
No. of Pages
21
Main Subjects
Information Technology and Computer Science
Abstract EN
To quickly verify and fix vulnerabilities, it is necessary to judge the exploitability of the massive crash generated by the automated vulnerability mining tool.
While the current manual analysis of the crash process is inefficient and time-consuming, the existing automated tools can only handle execute exceptions and some write exceptions but cannot handle common read exceptions.
To address this problem, we propose a method of determining the exploitability based on the exception type suppression.
This method enables the program to continue to execute until an exploitable exception is triggered.
The method performs a symbolic replay of the crash sample, constructing and reusing data gadget, to bypass the complex exception, thereby improving the efficiency and accuracy of vulnerability exploitability analysis.
The testing of typical CGC/RHG binary software shows that this method can automatically convert a crash that cannot be judged by existing analysis tools into a different crash type and judge the exploitability successfully.
American Psychological Association (APA)
Jiang, Zhiyuan& Feng, Chao& Tang, Chaojing. 2018. An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression. Security and Communication Networks،Vol. 2018, no. 2018, pp.1-21.
https://search.emarefa.net/detail/BIM-1214153
Modern Language Association (MLA)
Jiang, Zhiyuan…[et al.]. An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression. Security and Communication Networks No. 2018 (2018), pp.1-21.
https://search.emarefa.net/detail/BIM-1214153
American Medical Association (AMA)
Jiang, Zhiyuan& Feng, Chao& Tang, Chaojing. An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression. Security and Communication Networks. 2018. Vol. 2018, no. 2018, pp.1-21.
https://search.emarefa.net/detail/BIM-1214153
Data Type
Journal Articles
Language
English
Notes
Includes bibliographical references
Record ID
BIM-1214153