SaTC: CORE: Small: Towards Locating Memory Corruption Vulnerability with Core Dump

SaTC：CORE：小：利用核心转储定位内存损坏漏洞

• 批准号: 1718459
• 负责人: Xinyu Xing
• 金额: $ 49.93万
• 依托单位: Pennsylvania State Univ University Park
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2017
• 资助国家: 美国
• 起止时间: 2017-08-01 至 2022-04-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1718459&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Towards; Locating

Modern operating systems integrate various security mechanisms to prevent software faults from being exploited. To bypass defenses and hijack program execution, an attacker therefore needs to constantly mutate an exploit and make many attempts. While in their attempts, the exploit may terminate a running process abnormally, and leaves behind a snapshot of its crashing state in the form of a core dump. While a core dump carries a large amount of information, which has long been used for software debugging, it barely serves as informative debugging aids in locating software faults, particularly memory corruption vulnerabilities. This research project aims to explore, design and develop lightweight, systematic and automated approaches that turn a core dump to an informative aid in tracking down memory corruption vulnerabilities. The proposed research has three key components. First, the project will develop a technical approach to improve the quality of information extracted from core dumps. Second, the project will explore a set of technical approaches to enhance this readily-available information. Last but not least, the project will develop a technical approach to automatically analyze enhanced core dumps and pinpoint the root cause of software crashes. This project will make an important step towards improving information available to developers and analysts debugging vulnerable software.

现代操作系统集成了各种安全机制，以防止软件故障被利用。为了绕过防御并劫持程序执行，攻击者因此需要不断地改变漏洞并进行多次尝试。在他们的尝试中，利用可能会异常终止正在运行的进程，并以核心转储的形式留下其崩溃状态的快照。虽然核心转储携带大量信息，长期以来一直用于软件调试，但它几乎不能作为定位软件故障（特别是内存损坏漏洞）的信息性调试辅助工具。该研究项目旨在探索，设计和开发轻量级，系统和自动化的方法，将核心转储转换为跟踪内存损坏漏洞的信息援助。拟议的研究有三个关键组成部分。首先，该项目将制定一种技术方法，以提高从堆芯转储中提取的信息的质量。第二，该项目将探讨一套技术办法，以加强这一随时可得的信息。最后但并非最不重要的是，该项目将开发一种技术方法来自动分析增强的核心转储，并查明软件崩溃的根本原因。该项目将朝着改善调试易受攻击软件的开发人员和分析人员的可用信息迈出重要一步。