Implementation of an effective dynamic concolic execution framework for analyzing binary programs

摘要

With the increasing availability of the computational power and constraint solving technology, the symbolic execution technology has regained interest in recent years. However, it still suffers from state explosion and low efficiency issues due to the large number of paths that need to be analyzed and the complexity of the constraints generated. Meanwhile, most of the present symbolic execution techniques are working on the source code, but the source code of most software is hard to acquire in practice. In order to cope with these issues, this paper presents BinSE, a lightweight dynamic symbolic execution framework for analyzing x86 binary programs. The framework adapts the dynamic analysis model, which combines symbolic execution with concrete execution to simplify the complexity of the path conditions. Furthermore, the hierarchical backward program slicing and the revised irrelevant API filtration mechanisms are introduced to optimize the performance of the framework. According to the experimental results, the proposed framework is efficient and can cover almost all the effective paths of the target program. Meanwhile, it also holds a promise to provide novel solutions to a broad spectrum of security problems. To demonstrate our technique, we apply the framework to detect buffer overflow vulnerability from binary executables. (C) 2019 Elsevier Ltd. All rights reserved.