Static Detection of Vulnerabilities in x86 Executables

Greg Banks
University of California, Santa Barbara
USA

Marco Cova
University of California, Santa Barbara
USA

Viktoria Felmetsger
University of California, Santa Barbara
USA

Giovanni Vigna
University of California, Santa Barbara
USA

In the last few years, several approaches have been proposed to perform vulnerability analysis of applications written in high-level languages. However, little has been done to automatically identify security-relevant flaws in binary code.

In this paper, we present a novel approach to the identification of vulnerabilities in x86 executables. Our approach is based on static analysis and symbolic execution techniques. We implemented our approach in a tool and used it to detect taint-style vulnerabilities in binary code. The results of our evaluation show that our approach is both practical and effective.

Keywords: Vulnerability analysis, binary static analysis, symbolic execution, taint analysis
