Recent Papers Related To Automatic Exploit Generation
remark: This website is only used for collecting and grouping the related paper. If there are any paper need to be updated, you can contribute PR.
由于项目需要和兴趣使然,本人参照@wcventure的FuzzingPaper项目(https://github.com/wcventure/FuzzingPaper)收集了自动化漏洞利用相关的论文,详细介绍和论文pdf在本人GitHub和博客进行展示。
Github
https://github.com/hjyuan/AEGPaper
Blog
http://www.xderedu.com/AEGPaper/
All Papers (Classification according to Publication)
•Survey/Review
–软件漏洞自动利用研究进展
–Crash可利用性分析方法研究综述
–The Coming Era of AlphaHacking A Survey of Automatic Software Vulnerability Detection, Exploitation and Patching Techniques
–从自动化到智能化-软件漏洞挖掘技术进展
–安全漏洞自动利用综述
–软件漏洞自动利用研究综述
–自动化漏洞利用研究进展
•Usenix 2022
–FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities
•Usenix 2021
–EXPRACE: Exploiting Kernel Races through Raising Interrupts
–MAZE: Towards Automated Heap Feng Shui
•CCS 2021
–Demons in the Shared Kernel: Abstract Resource Attacks Against OS-level Virtualization
•EuroSec 2021
–Talking About My Generation: Targeted DOM-based XSS Exploit Generation using Dynamic Data Flow Analysis
•IEEE Trans 2021
–GUI-Squatting Attack: Automated Generation of Android Phishing Apps
•Checkmate 2021
–A Framework for Automatic Exploit Generation for JIT Compilers
•ESORICS 2021
–Towards Automating Code-Reuse Attacks Using Synthesized Gadget Chains
•ICCNT 2021
–AngErza: Automated Exploit Generation
•IEEE Design & Test 2021
–End-to-End Automated Exploit Generation for Processor Security Validation
•arXiv 2021
–Shellcode_IA32: A Dataset for Automatic Shellcode Generation
•Usenix 2020
–KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
–Automatic techniques to systematically discover new heap exploitation primitives
–AURORA: Statistical Crash Analysis for Automated Root Cause Explanation
–Automatic Generation of Compact Printable Shellcodes for x86
•IEEE Trans 2020
–Tainting-Assisted and Context-Migrated Symbolic Execution of Android Framework for Vulnerability Discovery and Exploit Generation
•SANER 2020
–EthPloit: From Fuzzing to Efficient Exploit Generation against Smart Contracts
•ACM SIGSAC 2020
–A Generic Technique for Automatically Finding Defense-Aware Code Reuse Attacks
–A Systematic Study of Elastic Objects in Kernel Exploitation
•IEEE IRI 2020
–Relating the Empirical Foundations of Attack Generation and Vulnerability Discovery
•Access 2020
–HS-Pilot: Heap Security Evaluation Tool Model Based on Atomic Heap Interaction
•DIMVA 2020
–HAEPG: An Automatic Multi-hop Exploitation Generation Framework
•ACSAC 2020
–Guide Me to Exploit: Assisted ROP Exploit Generation for ActionScript Virtual Machine
•arXiv 2020
–Autosploit: A fully automated framework for evaluating the exploitability of security vulnerabilities
–Attacks on Lightweight Hardware-Based Security Primitives
–Survey of Methods for Automated Code-Reuse Exploit Generation
•Scientific Programming 2020
–A Pattern-Based Software Testing Framework for Exploitability Evaluation of Metadata Corruption Vulnerabilities
•现代计算机
–基于Crash的漏洞利用自动生成系统
•Usenix 2019
–KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities
•ACM SIGSAC 2019
–SLAKE:Facilitating slab manipulation for exploiting vulnerabilities in the linux kernel
–Gollum: Modular and greybox exploit generation for heap overflows in interpreters
•计算机应用与软件 2019
–基于符号执行的缓冲区溢出漏洞自动化利用
•IOP 2019
–Analysis to Heap Overflow Exploit in Linux with Symbolic Execution
•ICSTW 2019
–Automatic Generation of Capability Leaks' Exploits for Android Applications
•计算机科学 2019
–基于符号执行的 Return-to-dl-resolve 利用代码自动生成方法
•Cybersecurity 2019
–From proof-of-concept to exploitable (One step towards automatic exploitability assessment)
•Acess 2019
–ARG: Automatic ROP Chains Generation
•计算机研究与发展
–有限资源条件下的软件漏洞自动挖掘与利用
•Usenix 2018
–teether: Gnawing at ethereum to automatically exploit smart contracts
–NAVEX: Precise and scalable exploit generation for dynamic web applications
–Automatic heap layout manipulation for exploitation
–FUZE: Towards facilitating exploit generation for kernel use-after-free vulnerabilities
–Heaphopper: Bringing bounded model checking to heap implementation security
•ACSAC 2018
–Towards automated generation of exploitation primitives for web browsers
•ACM SIGSAC 2018
–Block oriented programming: Automating data-only attacks
•ACM MICRO 2018
–End-to-end automated exploit generation for validating the security of processor designs
–Revery: From proof-of-concept to exploitable
•IEEE QRS-C 2018
–Automatic exploit generation for buffer overflow vulnerability
•IEEE TrustCom 2018
–Pangr: A Behavior-Based Automatic Vulnerability Detection and Exploitation Framework
•SAI 2018
–Survey of automated vulnerability detection and exploit generation techniques in cyber reasoning systems
•IEEE S&P 2017
–Your exploit is mine: Automatic shellcode transplant for remote exploits
•NDSS 2017
–Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying
•ACSAC 2017
–System service call-oriented symbolic execution of android framework with applications to vulnerability discovery and exploit generation
•PLAS 2017
–Modular synthesis of heap exploits
•ASE 2017
–Automatically assessing crashes from heap overflows
•FSE 2017
–Automatic generation of inter-component communication exploits for Android applications
•IEEE Transations 2017
–Automatic generation of tests to exploit XML injection vulnerabilities in web applications
•AIP 2017
–Construct exploit constraint in crash analysis by bypassing canary
•计算机系统应用 2017
–基于符号执行的自动利用生成系统
•IEEE S&P 2016
–Sok: state of the art of war Offensive techniques in binary analysis
–Data-oriented programming: On the expressiveness of non-control data attacks
•ACM SIGSAC 2016
–Chainsaw: Chained automated workflow-based exploit generation
•WISA 2016
–Towards Automated Exploit Generation for Embedded Systems
•KSII 2016
–Deduplication and Exploitability Determination of UAF Vulnerability Samples by Fast Clustering
•计算机应用研究
–基于指针时空分析的软件异常可利用性判定
•Usenix 2015
–Automatic generation of data-oriented exploits
•CCS 2015
–From Collision To Exploitation Unleashing Use-After-Free Vulnerabilities in Linux Kernel
•BlackHat 2015
–Static Detection and Automatic Exploitation of Intent Message Vulnerabilities in Android Applications
•IFIP 2015
–Exploit generation for information flow leaks in object-oriented programs
•CODASPY 2015
–Practical Exploit Generation for Intent Message Vulnerabilities in Android
•Programming and Computer Software 2015
–Automated Exploit Generation for Stack Buffer Overflow Vulnerabilities
•中国科学院大学学报 2015
–基于模拟攻击的内核提权漏洞自动利用系统
•Usenix 2014
–ROP is Still Dangerous: Breaking Modern Defenses
•CACM 2014
–Automatic exploit generation
•3PGCIC 2014
–Program crash analysis based on taint analysis
•IEEE Transactions on Reliability 2014
–Software Crash Analysis for Automatic Exploit Generation on Binary Programs
•Reliability Digest 2014
–Exploit Generation from Software Failures
•SERE 2013
–Craxweb: Automatic web application testing and attack generation
•SecureComm 2013
–Automatic polymorphic exploit generation for software vulnerabilities
•USB/EECS 2013
–Transformation-aware Exploit Generation using a HI-CFG
•IEEE S&P 2012
–Unleashing mayhem on binary code
•SERE 2012
–Crax: Software crash analysis for automatic exploit generation by modeling attacks as symbolic continuations
•CCS 2011
–Waptec: whitebox analysis of web applications for parameter tampering exploit construction
•Usenix 2011
–Q: Exploit Hardening Made Easy
•NDSS 2011
–AEG: Automatic exploit generation
•ASIACCS 2011
–Automatic construction of jump-oriented programming shellcode (on the x86)
•Blackhat 2010
–Crash analysis with BitBlaze
•Usenix 2009
–Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms
•ICSE 2009
–Automatic creation of SQL Injection and cross-site scripting attacks
•Oxford 2009
–Automatic generation of control flow hijacking exploits for software vulnerabilities
•IEEE S&P 2008
–Automatic patch-based exploit generation is possible: Techniques and implications
•Usenix 2008
–Automatic Generation of XSS and SQL Injection Attacks with Goal-Directed Model Checking
•Usenix 2005
–Automating Mimicry Attacks Using Static Binary Analysis
Survey/Review
软件漏洞自动利用研究进展
•
Paper
Crash可利用性分析方法研究综述
•
Paper
Abstract: Fuzzing技术是现阶段用于漏洞挖掘的主流技术,目前绝大多数的软件漏洞都是利用该技术发现的.但是Fuzzing技术存在的一个主要问题是其会产生大量的crash样本,如何对这些crash样本进行快速的分析分类,是当前基于Fuzzing技术进行漏洞挖掘工作所面临的主要问题. 针对crash可利用性分析的研究,首先,总结了导致程序crash的原因并对其分析技术发展的现状进行了概述;其次,着重分析了当前利用动态污点分析和符号执行等技术进行crash可利用性判定的4种有效分析方法;最后,对比了这4种方法之间的差异,并探讨了crash可利用性分析技术未来的发展方向及趋势.
The Coming Era of AlphaHacking A Survey of Automatic Software Vulnerability Detection, Exploitation and Patching Techniques
•
Paper
Abstract: With the success of the Cyber Grand Challenge (CGC) sponsored by DARPA, the topic of Autonomous Cyber Reasoning System (CRS) has recently attracted extensive attention from both industry and academia. Utilizing automated system to detect, exploit and patch software vulnerabilities seems so attractive because of its scalability and cost-efficiency compared with the human expert based solution. In this paper, we give an extensive survey of former representative works related to the underlying technologies of a CRS, including vulnerability detection, exploitation and patching. As an important supplement, we then review several pioneer studies that explore the potential of machine learning technologies in this field, and point out that the future development of Autonomous CRS is inseparable from machine learning.
从自动化到智能化-软件漏洞挖掘技术进展
•
Paper
Abstract: 近年来,随着软件规模和复杂度的日益增加,软件漏洞挖掘技术正逐渐向高度自动化和智能化演变,该文从传统漏洞挖掘技术和基于学习的智能化漏洞挖掘技术两方面深入调研和分析了相关的研究进展.首先,从静态和动态挖掘技术2方面详细介绍了传统漏洞挖掘技术的研究现状,涉及的技术包括模型检测、二进制比对、模糊测试、符号执行以及漏洞可利用性分析等,并分析了各项技术存在的问题,提出当前的研究难点是实现漏洞挖掘全自动化.然后,介绍了机器学习和深度学习技术在漏洞挖掘领域的应用,具体应用场景包括二进制函数识别、函数相似性检测、测试输入生成、路径约束求解等,并提出了其存在的机器学习算法不够健壮安全、算法选择依靠经验、数据样本不足、特征选择依赖专家知识等问题.最后,对未来研究工作进行了展望,提出应该围绕提高漏洞挖掘的精度和效率、提高自动化和智能化的程度这2方面展开工作.
安全漏洞自动利用综述
•
Paper
Abstract: 随着安全漏洞数量急剧上升,高效率地评估与修复漏洞面临更大的挑战.目前漏洞的可利用性评估主要依赖人工方法,如何智能化和自动化地进行安全漏洞利用是本领域一个热点研究问题.调研了2006年至今安全漏洞自动利用文献,分析了现状并指出了漏洞利用研究的发展趋势,同时给出了漏洞自动利用的一般框架;分别从漏洞自动利用的信息输入、漏洞类型和利用方法这3个角度对当前研究成果进行了梳理,指出了这3个角度对漏洞自动利用的影响;分析了漏洞自动利用研究的不足与挑战,并对将来的研究趋势进行了展望.
软件漏洞自动利用研究综述
•
Paper
Abstract: 近年来,软件漏洞已成为系统安全与攻防对抗的核心要素,随着软件数量的增加和规模的复杂化,漏洞数量逐年增加,而依赖于人工的漏洞分析与利用生成已难以满足现实需求,漏洞的自动分析和利用生成是亟待解决的难点问题.现有研究已经取得了相关的成果,文章从控制流劫持漏洞自动利用、面向堆漏洞的自动分析与利用、安全机制自动化对抗方法和综合性的漏洞自动利用框架等四个方面介绍当前软件漏洞自动利用研究进展,进而分析未来软件漏洞自动利用发展趋势.
自动化漏洞利用研究进展
•
Paper
Abstract: 网络空间安全斗争形式日趋复杂,针对软件安全的攻防博弈愈演愈烈。软件漏洞挖掘与利用的复杂性及专业性,使得大量工作仅能依靠安全专家完成。近年来,漏洞数量激增,仅依靠安全专家已无法有效应对。自动化漏洞利用应运而生,该方法在提升工作效率的同时降低人力成本,并一定程度上满足了自动化攻防的迫切需求。介绍自动化漏洞利用相关概念,对关键技术进行归纳与总结,梳理国内外主流的自动化漏洞利用系统。
剩余论文不在此展示,有兴趣的读者可以移步本人GitHub或博客进行查看,如果有任何不对或错误的地方欢迎大家进行指证。
点击阅读原文进入博客进行详细阅读,记得关注哈。
原文始发于微信公众号(日月不掩):Automatic Exploit Generation Paper
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论