Dissertation/ Thesis
Exploiting Atypical Symbolic Executions
| العنوان: | Exploiting Atypical Symbolic Executions |
|---|---|
| Alternate Title: | 操作利用非典型之擬真執行 |
| المؤلفون: | Chiu, Shih-Hsin, 邱世欣 |
| Thesis Advisors: | Huang, Shih-Kun, 黃世昆 |
| سنة النشر: | 2011 |
| المجموعة: | National Digital Library of Theses and Dissertations in Taiwan |
| الوصف: | 99 Software security is getting more important recently. There are more and more attacks than before. It is partially due to some design flaws of the programming language and the lack of secure programming practices by programmers. The most serious vulnerability this thesis concerns with is buffer overflow, present in many C/C++ programs, such as the Blaster worm. For preventing from such vulnerabilities, we use symbolic execution with a new memory model supported by KLEE to detect buffer overflow vulnerabilities. This thesis actually generates an exploitable input to trigger buffer overflow and verify the presence of the vulnerability. The input suites we generate are realistic attacks. Unlike the usual hacking methods with manual techniques to reason on the tainting paths, we propose methods to generate exploitable input automatically. |
| Original Identifier: | 099NCTU5394084 |
| نوع الوثيقة: | 學位論文 ; thesis |
| وصف الملف: | 46 |
| الاتاحة: | http://ndltd.ncl.edu.tw/handle/99873395134955318388 |
| رقم الانضمام: | edsndl.TW.099NCTU5394084 |
| قاعدة البيانات: | Networked Digital Library of Theses & Dissertations |
| الوصف غير متاح. |