Joran Honig - Autonomous Exploitation of System Binaries using Symbolic Analysis

author:Joran Honig
title:Autonomous Exploitation of System Binaries using Symbolic Analysis
committee:prof.dr. M. Huisman
graduation date:7 July 2017


At the moment many software systems have bugs, and de- velopers can be overwhelmed with bug reports describing crashes or unexpected behavior. Finding the critical bugs to focus on can be time consuming, and might lead to se- curity critical bugs remaining unresolved for an extended period, which in turn can lead to data leaks or improper functioning of important systems.

Current state of the art autonomous methods are still un- able to find all bugs, and are often unable to determine if they are security critical. Therefore it is important that methods are developed and improvements are made with automatically finding and validating security vulnerabilities.

In this paper, the application of concolic analysis and con- straint solving are applied to this problem. Three algorithms, used to determine exploitable constraints, will be proposed and evaluated. Furthermore, these algorithms will be compared to the current state of the art, providing an overview of the field.