论文信息 - Symbolic assertion mining for security validation

Symbolic assertion mining for security validation

This paper presents DOVE, a validation framework to identify points of vulnerability inside IP firmwares. The framework relies on the symbolic simulation of the firmware to search for corner cases in its computational paths that may hide vulnerabilities. Then, DOVE automatically mine a compact set of formal assertions representing these unlikely paths to guide the analysis of the verification engineers. Experimental results on two case studies show the effectiveness of the generated assertions in pinpointing actual vulnerabilities and its efficiency in terms of execution time.

Graziano Pravadelli | Valeria Bertacco | Alessandro Danese

[1] Peng Li,et al. T-check: bug finding for sensor networks , 2010, IPSN '10.

[2] Mark R. Tuttle,et al. Symbolic Execution for BIOS Security , 2015, WOOT.

[3] Somesh Jha,et al. FIE on Firmware: Finding Vulnerabilities in Embedded Systems Using Symbolic Execution , 2013, USENIX Security Symposium.

[4] Klaus Wehrle,et al. KleeNet: discovering insidious interaction bugs in wireless sensor networks before deployment , 2010, IPSN '10.

[5] Dawson R. Engler,et al. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs , 2008, OSDI.

[6] Fabrice Bellard,et al. QEMU, a Fast and Portable Dynamic Translator , 2005, USENIX ATC, FREENIX Track.

[7] Corina S. Pasareanu,et al. Reliability analysis in Symbolic PathFinder , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[8] George Candea,et al. Testing Closed-Source Binary Device Drivers with DDT , 2010, USENIX Annual Technical Conference.

[9] George Candea,et al. S2E: a platform for in-vivo multi-path analysis of software systems , 2011, ASPLOS XVI.