THE METHOD OF SOFTWARE BEHAVIOR DETECTION BASED-ON DYNAMIC SYMBOLIC EXECUTION
Through the technology of symbolic execution, we can obtain the relationship between input and control flow easily, which is quite critical for the analysis of the program.In this paper, we propose and implement a method of software behavior detection based on dynamic symbolic execution.Through code instrumentation, we can get the context of a program execution, and collect the behavior information as well as path constraint conditions.After that we can generate a new set of constraints according to a certain path traversal algorithm, and construct a new input so as to drive the program to execute a new path by solving constraints.Experiments show that the proposed method can make an analysis of binary executable program, capture the context during program execution, and overcome the inconvenience effectively, which is caused by invisibility of the source code by analyzing binary executable programs directly.
Dynamic symbolic execution Binary analysis Behavior detection of software
BAO-ZHEN DING JIU-CHUAN LIN
School of Software,Shanghai Jiao Tong University,800 Dongchuan Road,Shanghai The Third Research Inst The Third Research Institute Of Ministry Of Public Security,339 Bisheng Road,Shanghai
国际会议
成都
英文
605-610
2011-11-25(万方平台首次上网日期,不代表论文的发表时间)