Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications

S
SP
2008
2008 IEEE Symposium on Security and Privacy (sp 2008)
Abstract - Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by David Brumley Articles by Pongsin Poosankam Articles by Dawn Song Articles by Jiang Zheng

2008 IEEE Symposium on Security and Privacy (sp 2008)

May 18-May 21

ISBN: 978-0-7695-3168-7

	ASCII Text	x
	David Brumley, Pongsin Poosankam, Dawn Song, Jiang Zheng, "Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications," Security and Privacy, IEEE Symposium on, pp. 143-157, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008.

	BibTex	x
	@article{ 10.1109/SP.2008.17, author = {David Brumley and Pongsin Poosankam and Dawn Song and Jiang Zheng}, title = {Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3168-7}, pages = {143-157}, doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2008.17}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications SN - 978-0-7695-3168-7 SP143 EP157 A1 - David Brumley, A1 - Pongsin Poosankam, A1 - Dawn Song, A1 - Jiang Zheng, PY - 2008 KW - exploit generation KW - symbolic execution KW - combined execution KW - test case generation KW - patch VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2008.17

The automatic patch-based exploit generation problem is: given a program P and a patched version of the program P, automatically generate an exploit for the potentially unknown vulnerability present in P but fixed in P. In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for 5 Microsoft programs based upon patches provided via Windows Update. Although our techniques may not work in all cases, a fundamental tenant of security is to conservatively estimate the capabilities of attackers. Thus, our results indicate that automatic patch-based exploit generation should be considered practical. One important security implication of our results is that current patch distribution schemes which stagger patch distribution over long time periods, such as Windows Update, may allow attackers who receive the patch first to compromise the significant fraction of vulnerable hosts who have not yet received the patch.

Index Terms:

exploit generation, symbolic execution, combined execution, test case generation, patch

Citation:

David Brumley, Pongsin Poosankam, Dawn Song, Jiang Zheng, "Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications," sp, pp.143-157, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.