CUI Baojiang, JI Yupeng, WANG Jianxin. An Instruction-level Symbolic Checksum System for Windows x86 Program[J]. Chinese Journal of Electronics, 2012, 21(1): 22-26.
Citation: CUI Baojiang, JI Yupeng, WANG Jianxin. An Instruction-level Symbolic Checksum System for Windows x86 Program[J]. Chinese Journal of Electronics, 2012, 21(1): 22-26.

An Instruction-level Symbolic Checksum System for Windows x86 Program

  • Received Date: 2010-10-01
  • Rev Recd Date: 2011-05-01
  • Publish Date: 2012-01-05
  • Fuzz testing has some obvious disadvantages: (1) It is ineffective with if-else statement; (2) it can hardly deal with the input with unknown fixed structure; (3) randomly generated input can hardly pass the verification of input integrity applied by the target systems. On the other hand, Symbolic execution can overcome some of the obstacles above. However, most of them didn't handle the function of verification about the input integrity of program. Due to the limitation of fuzz test and symbolic execution to the verification of input integrity, we propose a reversed taint tracing approach to overcome this problem. The key idea is that it traverses the entire path of program by symbolic execution and generates results from the path-reversed files. We found 7 unhandled exceptions in 7-zip, and revised 16 malformed files with correct CRCs to pass the 7-zip test and decompression.
  • loading
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Article Metrics

    Article views (472) PDF downloads(1089) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return