Detecting exploitable bugs in binary code

Invention Grant

US09183396B2 Detecting exploitable bugs in binary code 有权

Title translation: 检测二进制代码中的可利用错误

Please log in to see more content

Patent Title: Detecting exploitable bugs in binary code
Patent Title (中): 检测二进制代码中的可利用错误
Application No.: US13898824

Application Date: 2013-05-21
Publication No.: US09183396B2

Publication Date: 2015-11-10
Inventor: David Brumley , Sang Kil Cha , Thanassis Avgerinos , Alexandre Rebert
Applicant: Carnegie Mellon University
Applicant Address: US PA Pittsburgh
Assignee: Carnegie Mellon University
Current Assignee: Carnegie Mellon University
Current Assignee Address: US PA Pittsburgh
Agency: Schwegman Lundberg & Woessner, P.A.
Main IPC: G06F21/57
IPC: G06F21/57 ; G06F11/36

Detecting exploitable bugs in binary code

Abstract:

Systems and methods for performing hybrid symbolic execution to detect exploitable bugs in binary code are described. In some example embodiments, the systems and methods determine that resources associated with an execution client performing symbolic execution of a target program are below, at, or above a threshold performance level, generate checkpoints for active executing paths of the online symbolic execution, and cause the execution client to perform symbolic execution in response to the determination that the resources are at or above the threshold performance level.

Abstract(Chinese):

描述用于执行混合符号执行以检测二进制代码中的可利用错误的系统和方法。在一些示例性实施例中，系统和方法确定与执行目标程序的符号执行的执行客户机相关联的资源在阈值性能级别以下，等于或高于阈值性能级别，为在线符号执行的主动执行路径生成检查点，并导致执行客户端响应于确定资源处于或高于阈值性能级别来执行符号执行。

Public/Granted literature

US20130312103A1 DETECTING EXPLOITABLE BUGS IN BINARY CODE Public/Granted day:2013-11-21

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F21/00	防止未授权行为的保护计算机、其部件、程序或数据的安全装置
G06F21/50	.监控用户、程序或设备，以维护平台完整。例如：处理器、固件或操作系统
G06F21/57	..确保或维持可信任的计算机平台，例如安全引导或断电、版本控制、系统软件检查、安全更新或评估漏洞