The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Current network protocol binary software testing methods cannot discover serious vulnerabilities in deep states. This article introduces a novel method based on multi-packet symbolic execution, which can drive the software to deep states, to test the whole network protocol binary software stacks. This article also presents a prototype system, S2EProtocol-multi, upon Selective Symbolic Execution (S2E)...
Traditional symbolic execution for testing software focuses on exploring the paths of the program. However, for stateful network protocol, this method is hard to explore all the protocol states. This paper proposes a novel method based on model-guided symbolic execution, which can associate the program paths with the protocol states and utilize the protocol model to guide the test to explore interesting...
Network protocol binary software is threaten by vulnerabilities. Current analyzing methods do not make full use of the interaction information in network protocol and do not treat both sides of network protocol as a whole system. This paper proposes a novel method based on joint symbolic execution to test synchronously both server and client of the whole network protocol binary software stacks. Moreover,...
The invalid pointer dereference vulnerabilities exist in binary software result from inadequate security check, and these vulnerabilities can be grouped by specific characteristics. In this paper, we have extracted three typical invalid pointer dereference vulnerability patterns from real-world vulnerabilities, and then we put forward a novel method to detect these vulnerabilities for binary software...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.