Title :
ATLANTIS - Assembly Trace Analysis Environment
Author :
Cleary, Brendan ; Storey, Margaret-Anne ; Chan, Laura ; Salois, Martin ; Painchaud, Frederic
Author_Institution :
Dept. of Comput. Sci., Univ. of Victoria, Victoria, BC, Canada
Abstract :
For malware authors, software is an ever fruitful source of vulnerabilities to exploit. Exploitability assessment through fuzzing aims to proactively identify potential vulnerabilities by monitoring the execution of a program while attempting to induce a crash. In order to determine if a particular program crash is exploitable (and to create a patch), the root cause of the crash must be identified. For particular classes of programs this analysis must be conducted without the aid of the original source code using execution traces generated at the assembly layer. Currently this analysis is a highly manual, text-driven activity with poor tool support. In this paper we present ATLANTIS, an assembly trace analysis environment that combines many of the features of modern IDEs with novel trace annotation and navigation techniques to support software security engineers performing exploitability analysis.
Keywords :
assembly language; invasive software; program diagnostics; text analysis; ATLANTIS; IDE; assembly layer; assembly trace analysis environment; execution traces; exploitability assessment; malware; program classes; program crash; program execution monitoring; software security; source code; text-driven activity; trace annotation techniques; trace navigation techniques; Assembly; Computer crashes; Navigation; Reverse engineering; Security; Software; Tagging;
Conference_Titel :
Reverse Engineering (WCRE), 2012 19th Working Conference on
Conference_Location :
Kingston, ON
Print_ISBN :
978-1-4673-4536-1
DOI :
10.1109/WCRE.2012.62
