Dynamic binary analyzer for scanning vulnerabilities with taint analysis

Choi, Yong‐Keel; Park, Minwoo; Eom, Jung-Ho; Chung, Tai-Myoung

doi:10.1007/s11042-014-1922-5

Cited by 11 publications

(4 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Related Workmentioning

confidence: 99%

“…AFLNET [20] uses state-feedback and coverage-feedback to guide the mutation of seeds and treat the message sequences as the fuzzing input to enable deep interaction with protocol implementations. And the work in [21] focuses on data flow at runtime. On Usenix2015, Ruiter et al modeled for the first time a state machine of the TLS protocol implementations based on the active learning method.…”

Section: Fuzzingmentioning

confidence: 99%

See 1 more Smart Citation

Coverage-guided differential testing of TLS implementations based on syntax mutation

Pan¹,

Lin²,

Yu-bo³

et al. 2022

PLoS ONE

View full text Add to dashboard Cite

Transport layer security (TLS) protocol is the most widely used security protocol in modern network communications. However, protocol vulnerabilities caused by the design of the network protocol or its implementation by programmers emerge one after another. Meanwhile, various versions of TLS protocol implementations exhibit different behavioral characteristics. Researchers are attempting to find the differences in protocol implementations based on differential testing, which is conducive to discovering the vulnerabilities. This paper provides a solution to find the differences more efficiently by targeting the TLS protocol handshake process. The differences of different implementations during the fuzzing process, such as code coverage and response data, are taken to guide the mutation of test cases, and the seeds are mutated based on the TLS protocol syntax. In addition, the definition of duplicate discrepancies is theoretically explored to investigate the root cause of the discrepancies and to reduce the number of duplicate cases that are caused by the same reason. Besides, the necessary conditions for excluding duplicate cases are further analyzed to develop the deduplication strategy. The proposed method is developed based on open-source tools, i.e., NEZHA and TLS-diff. Three types of widely used TLS protocol implementations, i.e., OpenSSL, BoringSSL, and LibreSSL, are taken for experimental testing. The experimental results show that the proposed method can effectively improve the ability to find differences between different implementations. Under the same test scale or the same time, the amount of discrepancies increases by about 20% compared to TLS-diff, indicating the effectiveness of the deduplication strategy.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Fuzzingmentioning

confidence: 99%

Coverage-guided differential testing of TLS implementations based on syntax mutation

Pan¹,

Lin²,

Yu-bo³

et al. 2022

PLoS ONE

View full text Add to dashboard Cite

show abstract

“…Binary analysis. Binary analysis techniques have been applied for different platforms, using static [7,9,12,21], dynamic [6,8,37], hybrid [11,22,54] and machine-learning-based [32,39,68,71] approaches. A recent work [15] tackles the challenging task of analyzing binaries by combining declarative static analysis (using Datalog declarative logic-based programming language) with reverse-engineering techniques to perform x-refs analysis in native libraries using Radare2 [51].…”

Section: Related Workmentioning

confidence: 99%

JuCify: A Step Towards Android Code Unification for Enhanced Static Analysis

Samhi,

Gao,

Daoudi

et al. 2021

Preprint

View full text Add to dashboard Cite

Native code is now commonplace within Android app packages where it co-exists and interacts with Dex bytecode through the Java Native Interface to deliver rich app functionalities. Yet, state-of-theart static analysis approaches have mostly overlooked the presence of such native code, which, however, may implement some key sensitive, or even malicious, parts of the app behavior. This limitation of the state of the art is a severe threat to validity in a large range of static analyses that do not have a complete view of the executable code in apps. To address this issue, we propose a new advance in the ambitious research direction of building a unified model of all code in Android apps. The JuCify approach presented in this paper is a significant step towards such a model, where we extract and merge call graphs of native code and bytecode to make the final model readily-usable by a common Android analysis framework: in our implementation, JuCify builds on the Soot internal intermediate representation. We performed empirical investigations to highlight how, without the unified model, a significant amount of Java methods called from the native code are "unreachable" in apps' call-graphs, both in goodware and malware. Using JuCify, we were able to enable static analyzers to reveal cases where malware relied on native code to hide invocation of payment library code or of other sensitive code in the Android framework. Additionally, JuCify's model enables state-of-the-art tools to achieve better precision and recall in detecting data leaks through native code. Finally, we show that by using JuCify we can find sensitive data leaks that pass through native code.

show abstract

“…The paper by Chung et al [3] presents a dynamic binary analyzer that can find unknown vulnerabilities and self-modifying code. They adopt taint analysis to find vulnerabilities that transpire during runtime.…”

mentioning

confidence: 99%

Guest Editorial: Convergence and Advanced Technology

Ghose

Ryu

2015

Multimed Tools Appl

View full text Add to dashboard Cite

Convergence and advanced technologies spring forth as a result of lateral entry by firms in different markets, and today, there is a synergistic combination of traditional industries and state-of-the-art technologies, such as information technology. The main goal of this issue is to bring researchers from academia together with professionals from different industries to share algorithms, solutions, and architectures as well as their experiences. We expect this special issue to be viewed as a continuum of products and as the lateral entry of research from different technological perspectives on digital management. The effort diffuses technological competencies and values within existing technologies' base information systems. The convergence process blurs traditional technological and sectorial boundaries and thus opens new avenues of technological innovation in ubiquitous technologies [1,4,6,10,15]. This issue challenges processing overhead in convergence and advanced technologies.The paper by Kim et al. [5] introduces an efficient mobility management scheme for convergence of mobile media multicast services in next-generation networks. The proposed scheme applies a method to quickly rejoin a relevant multicast stream by enabling the AIMS-MM system to collect multicast group information through a multicast group information handler located in the multicast router. The paper by Oh et al. [2] presents the development of a one-source multi-use cross-platform based on zero coding. This method is to research and develop a native application-based development tool that can perfectly satisfy both onesource-multi-use and cross-platform, and secure stable hardware control and execution speed.The paper by presents low-cost image indexing for a massive database. The proposed method is an identifier generation for indexing that is efficient and effective from the perspective of cost and indexing performance, in order to compose identifiers with high cardinality. The paper by Jo et al. [9] presents an access control system for secure extensible markup language (XML) telemedicine documents. This Multimed Tools Appl (2015) 74:2195-2200

show abstract

Dynamic binary analyzer for scanning vulnerabilities with taint analysis

Cited by 11 publications

References 6 publications

Coverage-guided differential testing of TLS implementations based on syntax mutation

Coverage-guided differential testing of TLS implementations based on syntax mutation

JuCify: A Step Towards Android Code Unification for Enhanced Static Analysis

Guest Editorial: Convergence and Advanced Technology

Contact Info

Product

Resources

About