Testing Network Protocol Binary Software with Selective Symbolic Execution

摘要

The vulnerabilities existing in network protocol implementations are difficult to detect. The main reason is that the state space of complex protocol binary software is too large to explore. This paper proposes a novel approach that leverages selective symbolic execution to test network protocol binary software directly, which confines symbolic execution in the secure-sensitive area. This paper also builds a prototype system, S2EProtocol, upon the Selective Symbolic Execution (S2E) platform and uses it to test several real network protocol binary software. The evaluation results show that the proposed method can be used to find vulnerabilities efficiently and effectively.