Sydr: Cutting Edge Dynamic Symbolic Execution

11/18/2020
by   Alexey Vishnyakov, et al.
0

The security development lifecycle (SDL) is becoming an industry standard. Dynamic symbolic execution (DSE) has enormous amount of applications in computer security (fuzzing, vulnerability discovery, reverse-engineering, etc.). We propose several performance and accuracy improvements for dynamic symbolic execution. Skipping non-symbolic instructions allows to build a path predicate 1.2–3.5 times faster. Symbolic engine simplifies formulas during symbolic execution. Path predicate slicing eliminates irrelevant conjuncts from solver queries. We handle each jump table (switch statement) as multiple branches and describe the method for symbolic execution of multi-threaded programs. The proposed solutions were implemented in Sydr tool. Sydr performs inversion of branches in path predicate. Sydr combines DynamoRIO dynamic binary instrumentation tool with Triton symbolic engine. We evaluated Sydr features on 64-bit Linux executables.

READ FULL TEXT

Authors

page 1

page 2

page 3

page 4

09/08/2021

Towards Symbolic Pointers Reasoning in Dynamic Symbolic Execution

Dynamic symbolic execution is a widely used technique for automated soft...
06/30/2020

Symbolic Execution and Debugging Synchronization

In this thesis, we introduce the idea of combining symbolic execution wi...
08/05/2019

How to Kill Symbolic Deobfuscation for Free; or Unleashing the Potential of Path-Oriented Protections

Code obfuscation is a major tool for protecting software intellectual pr...
01/08/2018

Tamarin: Concolic Disequivalence for MIPS

Given two MIPS programs, when are they equivalent? At first glance, this...
12/08/2016

Coupling Distributed and Symbolic Execution for Natural Language Queries

Building neural networks to query a knowledge base (a table) with natura...
11/10/2021

Symbolic Security Predicates: Hunt Program Weaknesses

Dynamic symbolic execution (DSE) is a powerful method for path explorati...
11/07/2018

Decision Procedures for Path Feasibility of String-Manipulating Programs with Complex Operations

The design and implementation of decision procedures for checking path f...

Code Repositories

sydr-benchmark

Sydr benchmark applications


view repo
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.