SymWalker: Symbolic Execution in Routines of Binary Code

Author

Jinxin Ma ; Guowei Dong ; Puhan Zhang ; Tao Guo

Author_Institution

China Inf. Technol. Security Evaluation Center, Beijing, China

fYear

2014

fDate

15-16 Nov. 2014

Firstpage

694

Lastpage

698

Abstract

Detecting vulnerabilities in binary codes is one of the most difficult problems due to the lack of type information and symbols. We propose a novel tool to perform symbolic execution inside the routines of binary codes, providing easy static analysis for vulnerability detection. Compared with existing systems, our tool has four properties: first, it could work on binary codes without source codes, second, it employs the VEX language for program analysis, thus having no side effects, third, it could deliver high coverage by statically executing on control flow graphs of disassembly codes, fourth, two security property rules are summarized to detect the corresponding vulnerabilities, based on which a convenient interface is provided for developers to detecting vulnerabilities, such as buffer overflow, improper memory access, and etc. Experimental results on real software binary files show that our tool could efficiently detect different types of vulnerabilities.

Keywords

binary codes; flow graphs; program diagnostics; programming languages; symbol manipulation; SymWalker; VEX language; binary code routines; binary code vulnerability detection; control flow graphs; disassembly codes; program analysis; security property rules; software binary files; source codes; static analysis; symbolic execution; Binary codes; Computer bugs; Computer languages; Computers; Registers; Security; Software; Symbolic execution; control flow analysis; security property; vulnerabilities;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence and Security (CIS), 2014 Tenth International Conference on

Conference_Location

Kunming

Print_ISBN

978-1-4799-7433-7

Type

conf

DOI

10.1109/CIS.2014.16

Filename

7016986