Improving guide-based vulnerability detection with hybrid symbolic execution

Symbolic Execution is a key and useful technology in current refinement software test, but there still exists some problems such as space explosion. In order to mitigate this problem and improve the ability for detecting vulnerabilities, this paper presents the improving guide-based vulnerability detection with hybrid symbolic execution, which aims to test suspicious objects. This method conducts path traversal with a hybrid symbolic execution model, which alternates between dynamic and static symbolic execution, and verify whether it is vulnerability through summarizing the characteristics of vulnerabilities and generating a constraint expression. Experimental result shows that this method can successfully detect errors in 56 seconds, which exceeds any other modern mainstream symbolic execution tools including CUTE, KLEE, S2E and Cloud9. Compared with CUTE, this method alleviates the problem of space explosion. Besides, this papaer successfully verifies the vulnerabilities of OpenSSL and some other commonly used software.