ReFuzz: A Remedy for Saturation in Coverage-Guided Fuzzing

Qian, Lei; Zhang, Dalin; Da, Rihan; Zhang, Hailong

doi:10.3390/electronics10161921

Cited by 1 publication

(2 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The construction of the exploit-mitigation bypassing constraints is mainly for the expressions between symbolic memory and concrete values. For example, the one-byte memory symbol expression at Targetmemory is shown in Equation (1).…”

Section: Payload Constraints Constructionmentioning

confidence: 99%

See 1 more Smart Citation

AEMB: An Automated Exploit Mitigation Bypassing Solution

et al. 2021

View full text Add to dashboard Cite

Modern operating systems set exploit mitigations to thwart the exploit, which has also become a barrier to automated exploit generation (AEG). Many current AEG solutions do not fully account for exploit mitigations, and as a result, they are unable to accurately assess the exploitability of vulnerabilities in such settings.This paper proposes AEMB , an automated solution for bypassing exploit mitigations and generating useable exploits (EXPs). Initially, AEMB identifies exploit mitigations in the system based on characteristics of the program execution environment . Then, AEMB implements exploit mitigations bypassing the payload generation by modeling expert experience and constructs the corresponding constraints. Next, during the program’s execution, AEMB uses symbol execution to collect symbol information and create exploit constraints. Finally, AEMB utilizes a solver to solve the constraints, including payload constraints and exploit constraints, to generate the EXP. In this paper, we evaluated a prototype of AEMB on six test programs and seven real-world applications. Furthermore, we conducted 54 sets of experiments on six different combinations of exploit mitigations. Experiment results indicate that AEMB can automatically overcome exploit mitigations and produce successful exploits for 11 out of 13 applications.

show abstract

Section: Payload Constraints Constructionmentioning

confidence: 99%

“…With the advancement of cyber security, there is an increase in the study of software security, particularly software vulnerabilities [1][2][3]. Automated exploit generation (AEG) is one of the best ways to assess the exploitability of vulnerabilities and is drawing more and more attention.…”

Section: Introductionmentioning

confidence: 99%