Logo des Repositoriums
 
Zeitschriftenartikel

Cross-architecture bug search in binary executables

Vorschaubild nicht verfügbar

Volltext URI

Dokumententyp

Text/Journal Article

Zusatzinformation

Datum

2017

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Verlag

De Gruyter

Zusammenfassung

With the general availability of closed-source software for various CPU architectures, there is a need to identify security-critical vulnerabilities at the binary level. Unfortunately, existing bug finding methods fall short in that they i) require source code, ii) only work on a single architecture (typically x86), or iii) rely on dynamic analysis, which is difficult for embedded devices. In this paper, we propose a system to derive bug signatures for known bugs. First, we compute semantic hashes for the basic blocks of the binary. When can then use these semantics to find code parts in the binary that behave similarly to the bug signature, effectively revealing code parts that contain the bug. As a result, we can find vulnerabilities, e.g., the famous Heartbleed vulnerabilities, in buggy binary code for any of the supported architectures (currently, ARM, MIPS and x86).

Beschreibung

Pewny, Jannik; Garmany, Behrad; Gawlik, Robert; Rossow, Christian; Holz, Thorsten (2017): Cross-architecture bug search in binary executables. it - Information Technology: Vol. 59, No. 5. DOI: 10.1515/itit-2016-0040. Berlin: De Gruyter. PISSN: 1611-2776. pp. 83. Thematic Issue: Vulnerability Analysis

Zitierform

Tags