IntScope: Automatically Detecting Integer Overflow Vulnerability In X86 Binary Using Symbolic Execution
Tielei Wang, Tao Wei, Zhiqiang Lin, and Wei Zou
$Id: ndss09.t2t, v1.0, last updated %%mtime(%c) Exp $

%! Target:
%! Options: --toc --css-sugar --encoding=iso-8859-1
%! Style: tech.css
%! PreProc:
%! PostProc:
%! include: ''ns.js''


=== Abstract ===
The number of identified integer overflow vulnerabilities has 
been increasing rapidly in recent years. In this paper, we present 
a system, IntScope, which can automatically detect integer overflow 
vulnerabilities in x86 binaries before an attacker does, with the goal 
of finally eliminating the vulnerabilities. IntScope first translates 
the disassembled code into our own intermediate representation (IR), and
then performs a path sensitive data flow analysis on the IR by leveraging
symbolic execution and taint analysis to identify the vulnerable 
point of integer overflow. Compared with other approaches, IntScope 
does not run the binary directly, and is scalable to large software 
as it can just symbolically execute the interesting program paths. 
Experimental results show IntScope is quite encouraging: it has 
detected more than 20 zero-day integer overflows (e.g., CVE-2008-4201, 
FrSIRT/ADV-2008-2919) in widely-used software such as QEMU, Xen and Xine.

=== Full Paper ===
The full paper can be download from here [[PDF file/IntScope_NDSS09.pdf]]
---------------------------------------------------------------------------
[HOME index.html]  [SOURCE %%infile]