Deepfuzz: Triggering vulnerabilities deeply hidden in binaries


Abstract

We introduce a new method for triggering vulnerabilities in deep layers of binary executables and facilitate their exploitation. In our approach we combine dynamic symbolic execution with fuzzing techniques. To maximize both the execution path depth and the degree of freedom in input parameters for exploitation, we define a novel method to assign probabilities to program paths. Based on this probability distribution we apply new path exploration strategies. This facilitates payload generation and therefore vulnerability exploitation.

Citation (APA)

Böttinger, K., & Eckert, C. (2016). Deepfuzz: Triggering vulnerabilities deeply hidden in binaries. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9721, pp. 25–34). Springer Verlag. https://doi.org/10.1007/978-3-319-40667-1_2
