ATLANTIS - Assembly Trace Analysis Environment
暂无分享,去创建一个
For malware authors, software is an ever fruitful source of vulnerabilities to exploit. Exploitability assessment through fuzzing aims to proactively identify potential vulnerabilities by monitoring the execution of a program while attempting to induce a crash. In order to determine if a particular program crash is exploitable (and to create a patch), the root cause of the crash must be identified. For particular classes of programs this analysis must be conducted without the aid of the original source code using execution traces generated at the assembly layer. Currently this analysis is a highly manual, text-driven activity with poor tool support. In this paper we present ATLANTIS, an assembly trace analysis environment that combines many of the features of modern IDEs with novel trace annotation and navigation techniques to support software security engineers performing exploitability analysis.
[1] Pedram Amini,et al. Fuzzing: Brute Force Vulnerability Discovery , 2007 .
[2] Janice Singer,et al. How Software Developers Use Tagging to Support Reminding and Refinding , 2009, IEEE Transactions on Software Engineering.
[3] Christoph Treude,et al. An Exploratory Study of Software Reverse Engineering in a Security Context , 2011, 2011 18th Working Conference on Reverse Engineering.
[4] Zhenkai Liang,et al. BitBlaze: A New Approach to Computer Security via Binary Analysis , 2008, ICISS.