Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2022, Volume 34, Issue 2, Pages 25–42
DOI: https://doi.org/10.15514/ISPRAS-2022-34(2)-3
(Mi tisp675)
 

This article is cited in 1 scientific paper (total in 1 paper)

Error detection in binary code with dynamic symbolic execution

A. V. Vishnyakov (a), E. A. Kobrin (a, b), A. N. Fedotov (a)

(a) Institute for System Programming, Russian Academy of Sciences
(b) Lomonosov Moscow State University
Abstract: Modern software develops rapidly, and new program errors keep surfacing. More and more companies follow a security development lifecycle (SDL). Fuzzing and symbolic execution are among the most popular techniques supporting SDL: they test programs automatically and find errors. Hybrid fuzzing, which combines the two, is one of the most effective ways to test programs. Checking security predicates during symbolic execution is a more advanced technique: in addition to the path constraints, it solves extra constraints on the input data that correspond to an error at a given instruction and generates an input file that reproduces it. In this paper we propose a method for automatically detecting errors with dynamic symbolic execution that combines hybrid fuzzing with checking security predicates. First, we run hybrid fuzzing to enlarge the seed corpus. Then we minimize the corpus so that it retains the coverage of the original one. After that we check security predicates on the minimized corpus; security predicates find errors such as division by zero, out-of-bounds access, integer overflow, and more. Findings from security predicates are then verified with sanitizers to filter out false positives. Applying the proposed method to different open source programs, we found 11 new distinct errors in 5 projects.
Keywords: dynamic symbolic execution, DSE, fuzzing, security predicate, automatic error detection, security development lifecycle, SDL, binary code, sanitizer, bug, error, CWE
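The pipeline the abstract describes (a seed corpus, coverage-preserving corpus minimization, security predicates solved together with the path constraints collected up to each dangerous instruction, and a concrete replay with runtime checks to discard false positives) is illustrated by the following added Python example. It is not the authors' tool and not code from the paper: the two-byte target program, its branch sites B1/B2 and dangerous sites A1/I1/D1, the lookup table, the seed corpus, the toy concolic executor and the exhaustive search over the 2^16 inputs that stands in for an SMT solver are all constructed for this illustration. The `opaque` helper is a hypothetical stand-in for a check the engine cannot model (an unmodelled library call); it is what produces the false positive that the replay step filters out.

```python
"""Toy version of the pipeline: seed corpus -> coverage-preserving minimisation ->
security predicates solved along each path -> concrete replay with runtime checks.
Added illustration only; the target program, sites, corpus and solver are constructed."""
from itertools import product

TABLE = [3, 1, 4, 1, 5, 9, 2, 6]  # constructed lookup table read by the target


class Sym:
    """Concolic value: the concrete result for the current seed plus an evaluator that
    recomputes the same expression for any other input (a tiny symbolic expression)."""

    def __init__(self, conc, ev):
        self.conc, self.ev = conc, ev

    @staticmethod
    def lift(x):
        return x if isinstance(x, Sym) else Sym(x, lambda inp: x)

    def _bin(self, other, f):
        o = Sym.lift(other)
        a, b = self.ev, o.ev
        return Sym(f(self.conc, o.conc), lambda inp: f(a(inp), b(inp)))

    def __add__(self, o): return self._bin(o, lambda x, y: x + y)
    def __sub__(self, o): return self._bin(o, lambda x, y: x - y)
    def __gt__(self, o): return self._bin(o, lambda x, y: x > y)


class Exec:
    """Concolic executor over a 2-byte input: records edge coverage, the path constraints
    of the branches taken, and the security predicates met at dangerous instructions."""

    def __init__(self, data):
        self.data = data
        self.path = []     # closures inp -> bool for the branch outcomes taken so far
        self.cov = set()   # (branch site, outcome): edge coverage of this run
        self.preds = []    # (site, kind, predicate, path prefix at that site)

    def inp(self, i):
        return Sym(self.data[i], lambda inp: inp[i])

    def opaque(self, conc):
        # Hypothetical stand-in for a call the engine cannot model (e.g. an unmodelled
        # library check): the concrete result survives, the dependence on the input is lost.
        return Sym(conc, lambda inp: conc)

    def branch(self, site, cond):
        taken = bool(cond.conc)
        self.cov.add((site, taken))
        ev = cond.ev
        self.path.append(ev if taken else (lambda inp: not ev(inp)))
        return taken

    def _predicate(self, site, kind, pred):
        # Security predicate: an extra constraint that, together with the path constraints
        # collected so far, describes an input reaching this site and triggering the error.
        self.preds.append((site, kind, pred, list(self.path)))

    def add8(self, site, a, b):
        raw = a + b
        self._predicate(site, "integer overflow", lambda inp: raw.ev(inp) > 255)
        return Sym(raw.conc & 0xFF, lambda inp: raw.ev(inp) & 0xFF)

    def index(self, site, tbl, i):
        self._predicate(site, "out of bounds access", lambda inp: not 0 <= i.ev(inp) < len(tbl))
        return Sym(tbl[i.conc], lambda inp: tbl[i.ev(inp)])

    def div(self, site, a, b):
        self._predicate(site, "division by zero", lambda inp: b.ev(inp) == 0)
        return Sym(a.conc // b.conc, lambda inp: a.ev(inp) // b.ev(inp))


def target(ex):
    """Constructed target: reads bytes n, k; B1/B2 are branch sites, A1/I1/D1 dangerous sites."""
    n, k = ex.inp(0), ex.inp(1)
    if not ex.branch("B1", n > 100):
        return n
    s = ex.add8("A1", n, k)                         # 8-bit wrap when n + k > 255
    if not ex.branch("B2", ex.opaque(k.conc < 8)):  # validation the engine does not model
        return k
    v = ex.index("I1", TABLE, k)                    # in bounds only because B2 guards it
    return ex.div("D1", s, v - 1)                   # divisor is 0 when TABLE[k] == 1


def replay(data):
    """Concrete run with runtime checks standing in for sanitizers: returns (site, kind)
    of the first error actually hit, or None when the candidate input is a false positive."""
    n, k = data
    if not n > 100:
        return None
    if n + k > 255:
        return ("A1", "integer overflow")
    if not k < 8:
        return None
    if not 0 <= k < len(TABLE):
        return ("I1", "out of bounds access")
    if TABLE[k] - 1 == 0:
        return ("D1", "division by zero")
    return None


def coverage(seed):
    ex = Exec(seed)
    target(ex)
    return ex.cov


def minimize(corpus):
    """Greedy set cover: the fewest seeds that keep the edge coverage of the whole corpus."""
    cov = {s: coverage(s) for s in corpus}
    uncovered = set().union(*cov.values())
    kept = []
    while uncovered:
        best = max(corpus, key=lambda s: len(cov[s] & uncovered))  # ties: earliest seed
        kept.append(best)
        uncovered -= cov[best]
    return kept


def solve(constraints, pred):
    """Input satisfying the path prefix and the predicate; exhaustive search over the
    2^16 inputs replaces the SMT solver a real engine would call."""
    for inp in product(range(256), repeat=2):
        try:
            if all(c(inp) for c in constraints) and pred(inp):
                return inp
        except (IndexError, ZeroDivisionError):
            continue  # expression undefined for this input, so it is not a witness here
    return None


def check_predicates(corpus):
    """Minimise, solve each security predicate once per site, replay to filter false positives."""
    findings = {}
    for seed in minimize(corpus):
        ex = Exec(seed)
        target(ex)
        for site, kind, pred, path in ex.preds:
            if site in findings:
                continue
            inp = solve(path, pred)
            if inp is not None:
                findings[site] = {"kind": kind, "input": inp, "confirmed": replay(inp)}
    return findings


CORPUS = [(5, 0), (120, 2), (200, 9), (150, 4)]  # constructed seeds, none of them crashing

if __name__ == "__main__":
    for site, f in check_predicates(CORPUS).items():
        print(site, f["kind"], f["input"], "confirmed" if f["confirmed"] else "false positive")
```

Two details carry the method's point. Each predicate is stored with the path prefix at its own site, so the solver asks for an input that both reaches the instruction and violates its safety condition, not merely an input on which the condition fails somewhere. And because the B2 check passes through `opaque`, the engine loses the constraint k < 8: it proposes k = 8 for the out-of-bounds predicate at I1, and only the concrete replay (the sanitizer stage in the paper) shows that this input never reaches the table read and drops it, while the overflow at A1 and the division by zero at D1 are confirmed.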
Funding: This work was supported by the Russian Foundation for Basic Research (RFBR), grant 20-07-00921 A.
Document Type: Article
Language: Russian
Citation: A. V. Vishnyakov, E. A. Kobrin, A. N. Fedotov, “Error detection in binary code with dynamic symbolic execution”, Proceedings of ISP RAS, 34:2 (2022), 25–42
Citation in format AMSBIB
\Bibitem{VisKobFed22}
\by A.~V.~Vishnyakov, E.~A.~Kobrin, A.~N.~Fedotov
\paper Error detection in binary code with dynamic symbolic execution
\jour Proceedings of ISP RAS
\yr 2022
\vol 34
\issue 2
\pages 25--42
\mathnet{http://mi.mathnet.ru/tisp675}
\crossref{https://doi.org/10.15514/ISPRAS-2022-34(2)-3}
Linking options:
  • https://www.mathnet.ru/eng/tisp675
  • https://www.mathnet.ru/eng/tisp/v34/i2/p25