
2021 | OriginalPaper | Chapter

Not All Branches Are Equal: An Improved QSYM Schema for Binary Vulnerability Mining

Authors : Bo Wu, QinSi Yang, YuFeng Ma

Published in: Signal and Information Processing, Networking and Computers

Publisher: Springer Singapore


Abstract

Recently, with the observation that fuzzing and concolic execution can complement each other, methods combining fuzzing and concolic execution have been widely used for mining vulnerabilities in real-world software, but not enough attention has been paid to the complementary strategy itself. That is, current methods such as Driller and QSYM normally use an on-demand strategy to switch between the fuzzing and concolic execution engines, which drives down the efficiency of the vulnerability mining process. This paper proposes a novel un-touched-branch-guided strategy to make full use of both the fuzzing and the concolic execution capability. By combining static analysis and runtime information, we construct a dynamic set of un-touched, tainted branches together with the corresponding test cases that reach their brother (sibling) branches; we then select the best input test case to drive concolic execution and generate new test cases that cover the un-touched branches. We implement a prototype system, FPSFuzz, evaluate it on the LAVA-M dataset and compare it with QSYM. The results show that FPSFuzz found more vulnerabilities more quickly and improved the contribution of concolic execution to hybrid fuzzing, which significantly improves efficiency.
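The branch-selection logic sketched in the abstract (un-touched tainted branches, the seeds that reach their brother branches, and the choice of the best seed to hand to the concolic engine), as an added illustration written for this page. It is not FPSFuzz's code and not taken from the paper; the CFG, taint labels and per-seed edge coverage are constructed sample data, and using a seed's edge count as a proxy for the cost of its concolic run is an assumption.

```python
"""Un-touched-branch-guided seed selection for hybrid fuzzing.

Added illustration reconstructed from the abstract; it is NOT FPSFuzz's code.
The CFG, taint labels and seed coverage below are constructed sample data.
"""
from collections import Counter

# Constructed CFG: conditional block -> (true successor, false successor).
# The two edges leaving a block are "brother" branches of each other.
BRANCH_PAIRS = {
    "b0": ("b1", "b2"),
    "b1": ("b3", "b4"),
    "b2": ("b5", "b6"),
    "b3": ("b7", "b8"),
}

# Constructed static-analysis result: blocks whose condition is tainted by
# program input. b2 is assumed to compare a constant, so its un-touched
# successor is not worth a solver query.
TAINTED_BLOCKS = {"b0", "b1", "b3"}

# Constructed runtime information: seed name -> set of (src, dst) edges it hits.
SEEDS = {
    "seed_a": {("b0", "b1"), ("b1", "b3"), ("b3", "b7")},
    "seed_b": {("b0", "b2"), ("b2", "b5")},
}


def covered_edges(seeds):
    """Union of all edges reached by the current corpus."""
    cov = set()
    for edges in seeds.values():
        cov |= edges
    return cov


def untouched_tainted_branches(branch_pairs, tainted, seeds):
    """Edges that are (1) not yet covered, (2) leave a tainted block and
    (3) whose brother edge IS covered, so some seed already reaches the
    decision point. Returns a list of (untouched_edge, brother_edge) pairs."""
    cov = covered_edges(seeds)
    found = []
    for src, (t_dst, f_dst) in branch_pairs.items():
        if src not in tainted:
            continue  # condition is not input-dependent: solving it is wasted work
        for dst, brother in ((t_dst, f_dst), (f_dst, t_dst)):
            edge, brother_edge = (src, dst), (src, brother)
            if edge not in cov and brother_edge in cov:
                found.append((edge, brother_edge))
    return found


def select_seeds(branch_pairs, tainted, seeds):
    """For each target edge choose the seed to hand to the concolic engine.
    Assumption: among seeds reaching the brother edge, the one with the
    fewest covered edges has the shortest path and hence the cheapest
    constraint set; ties are broken by name for determinism."""
    plan = {}
    for edge, brother_edge in untouched_tainted_branches(branch_pairs, tainted, seeds):
        candidates = [s for s, edges in seeds.items() if brother_edge in edges]
        plan[edge] = min(candidates, key=lambda s: (len(seeds[s]), s))
    return plan


def rank_seeds(plan):
    """Seeds ordered by how many un-touched tainted branches they can unlock;
    the head of this list is the 'best input' to run concolic execution on."""
    counts = Counter(plan.values())
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


def add_generated_seed(seeds, name, edges):
    """Runtime update: a test case generated by the concolic engine joins the
    corpus, so the dynamic branch set shrinks on the next query."""
    updated = dict(seeds)
    updated[name] = set(edges)
    return updated


if __name__ == "__main__":
    plan = select_seeds(BRANCH_PAIRS, TAINTED_BLOCKS, SEEDS)
    print("targets ->", plan)            # b1->b4 and b3->b8, both via seed_a
    print("ranking ->", rank_seeds(plan))
    # Pretend the solver flipped b1 -> b4 from seed_a and produced seed_c.
    corpus = add_generated_seed(SEEDS, "seed_c", {("b0", "b1"), ("b1", "b4")})
    print("remaining ->", select_seeds(BRANCH_PAIRS, TAINTED_BLOCKS, corpus))
```

The un-tainted block b2 shows why the taint filter matters: its edge b2 -> b6 is un-touched and its brother is covered, yet it never becomes a target, because no input-derived constraint can be solved to flip it. After the generated seed_c joins the corpus, only b3 -> b8 remains, which is the dynamic shrinking of the branch set the abstract describes.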

Literature
1. Delaitre, A., Stivalet, B., Fong, E., et al.: Evaluating bug finders: test and measurement of static code analyzers. In: 2015 IEEE/ACM 1st International Workshop on Complex Faults and Failures in Large Software Systems, pp. 14–20. IEEE (2015)
2. Stephens, N.: Augmenting fuzzing through selective symbolic execution. In: Proceedings of the 2016 Network and Distributed System Security Symposium (2016)
3. Zhao, L., Duan, Y., Yin, H., et al.: Send hardest problems my way: probabilistic path prioritization for hybrid fuzzing. In: Proceedings of the 2019 Network and Distributed System Security Symposium (2019)
4. Sergej, S., Cornelius, A., Robert, G., Sebastian, S., Thorsten, H.: kAFL: hardware-assisted feedback fuzzing for OS kernels. In: USENIX Security Symposium (2017)
5. Insu, Y., Sangho, L., Meng, X., Yeongjin, J., Taesoo, K.: QSYM: a practical concolic execution engine tailored for hybrid fuzzing. In: USENIX Security Symposium, Baltimore, MD (2018)
6. Dolan-Gavitt, B., Hulin, P., Kirda, E., et al.: LAVA: large-scale automated vulnerability addition. In: IEEE Symposium on Security and Privacy. IEEE (2016)
7. Chipounov, V., Kuznetsov, V., Candea, G.: S2E: a platform for in-vivo multi-path analysis of software systems. In: Sixteenth International Conference on Architectural Support for Programming Languages and Operating Systems. ACM (2011)
Metadata
DOI
https://doi.org/10.1007/978-981-33-4102-9_88
