% intro.tex
\chapter{INTRODUCTION}
Despite decades of advances in software security and binary hardening, exploitation remains a present-day problem rather than a historical one \citep{cowan1998stackguard, pappas2013transparent}. The gravity of this situation becomes clear when one considers the omnipresence of low-level binary code with limited security mitigations in compilers, operating systems, and embedded systems, all of which are driving forces in modern life \citep{shoshitaishvili2016sok}. Where there are binaries produced by low-level languages, there are vulnerabilities. The disclosure of CVE-2021-3156, a heap-based buffer overflow in the \code{sudo} program that could be exploited to escalate privileges to the root user, serves as a pointed reminder of the real and persistent threat of binary exploitation \citep{CVE-2021-3156}. The consequences of exploited vulnerabilities transcend the realm of technology: in an analysis of the impact of security breach disclosures on market value, affected firms saw an average loss of \$1.65 billion in market capitalization \citep{cavusoglu2004effect}. Since low-level code saturates every level of modern life and is susceptible to vulnerabilities, the necessity for effective detection and mitigation techniques cannot be overstated.
With the ever-increasing complexity of software, the need for tools that aid in the debugging process is becoming more and more apparent. In fact, the software testing and debugging phase commonly consumes anywhere from half to three quarters of the total development cost [6]. Debugging tools that help resolve the root cause of software faults would therefore reduce programmer hours and development costs.
In an attempt to contribute to the detection and mitigation of vulnerabilities, and thus ease the burden inherent in debugging software, this work presents a novel \code{angr} analysis for data dependency generation that gives users the ability to explore and interact with a visualized data dependency graph for a given binary and execution trace. The analysis ingests the binary under analysis together with an accompanying execution trace, which is parsed to build a representative data dependency graph whose nodes correspond to the relevant memory locations and whose edges represent their inter-dependencies.
While researchers have applied data dependency graphs to binary analysis \citep{serpilliere_2017, zhang2019bda}, the literature has yet to apply them to visualizing dependency flows for user-driven binary analysis. This paper contributes to the scientific discourse by outlining the design of a tool that addresses this gap. Because the proposed tool is focused on the end user, whether a software debugger or a binary analyst, I sought to explore the impact of the presented analysis on the speed and accuracy of binary analysis through a user study.
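To make the graph construction concrete, the following is an added toy example, not code from this thesis or from \code{angr}: it builds a data dependency graph from a recorded execution trace and answers the "what does this value depend on?" query that the visualization is meant to support. The trace entries, location names and instruction addresses are all constructed for illustration.

```python
# Toy data dependency graph (DDG) over an execution trace (illustrative only).
# Each trace entry is (instruction address, locations read, locations written).
# A node is a definition of a location at an instruction; an edge runs from the
# definition that produced a value to the definition that consumed it.
from collections import defaultdict

# Constructed sample trace: load two stack arguments, add them, store the sum
# on the heap, reload it into rcx; the rdx update is unrelated noise.
TRACE = [
    (0x401000, ["[rsp+8]"], ["rax"]),
    (0x401004, ["[rsp+16]"], ["rbx"]),
    (0x401008, ["rax", "rbx"], ["rax"]),
    (0x40100c, ["rax"], ["[heap+0x20]"]),
    (0x401010, ["[heap+0x20]"], ["rcx"]),
    (0x401014, ["rdx"], ["rdx"]),
]

def build_ddg(trace):
    """Return (nodes, edges). Nodes are (location, address) definitions;
    (location, None) models a value that already existed before the trace."""
    last_def = {}             # location -> node that most recently defined it
    nodes, edges = set(), set()
    for addr, reads, writes in trace:
        # Resolve reads before writes so "rax = rax + rbx" sees the old rax.
        sources = []
        for loc in reads:
            src = last_def.get(loc, (loc, None))
            nodes.add(src)
            sources.append(src)
        for loc in writes:
            dst = (loc, addr)
            nodes.add(dst)
            for src in sources:
                edges.add((src, dst))
            last_def[loc] = dst
    return nodes, edges

def backward_slice(edges, node):
    """All definitions that transitively flow into `node` (excluding itself)."""
    preds = defaultdict(set)
    for src, dst in edges:
        preds[dst].add(src)
    seen, work = set(), [node]
    while work:
        for p in preds[work.pop()]:
            if p not in seen:
                seen.add(p)
                work.append(p)
    return seen
```

Calling `backward_slice(edges, ("rcx", 0x401010))` yields exactly the six definitions that feed the final register value, and nothing from the unrelated `rdx` chain; a visualizer would draw this set as the highlighted sub-graph for the selected node.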
Participants were solicited from various online cybersecurity communities and tasked with working through a series of software debugging and CTF-like challenges, answering challenge questions, and providing general survey feedback in order to quantitatively and qualitatively assess the effectiveness of the proposed analysis.
After analyzing the user study results, it was concluded that the proposed data dependency analysis had a positive effect on both challenge-solving accuracy and time. The analysis had an educationally significant effect on overall challenge-solving accuracy and time, with practical significance for challenges that required tracing data dependencies. The participant pool solved the challenges 171 seconds faster and with 32\% greater accuracy.