DocumentCode :
734164
Title :
Enhancing symbolic execution method with a taint layer
Author :
Jinxin Ma ; Tao Zhang ; Puhan Zhang
Author_Institution :
China Inf. Technol. Security Evaluation Center, Beijing, China
fYear :
2015
fDate :
27-29 March 2015
Firstpage :
27
Lastpage :
31
Abstract :
Symbolic execution is one of the most important computational intelligence methods in vulnerability detection, delivering high code coverage. The bottleneck of dynamic symbolic execution is its running speed, and few existing works focus on this problem. In this paper, we present a taint-based symbolic execution method to improve its efficiency. The properties of our method include: 1) it works on the binary level directly, translating the binary into a well-defined intermediate representation; 2) it employs a taint layer to perform data flow analysis and quickly locate the first instruction related to symbolic inputs; 3) three optimization strategies are utilized in symbolic execution to further enhance speed, including white list, state elimination and path search optimization. We have implemented a prototype based on our method, and evaluated it with several sample programs. The experimental results show that our method could perform faster symbolic execution and has the ability of vulnerability detection.
Keywords :
data flow analysis; optimisation; search problems; binary level; code coverage; computational intelligence methods; data flow analysis; dynamic symbolic execution; optimization strategies; path search optimization; state elimination; symbolic inputs; taint layer; taint-based symbolic execution method; vulnerability detection; Security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Advanced Computational Intelligence (ICACI), 2015 Seventh International Conference on
Conference_Location :
Wuyi
Print_ISBN :
978-1-4799-7257-9
Type :
conf
DOI :
10.1109/ICACI.2015.7184737
Filename :
7184737