Finding Bugs Faster Than Hackers – USC Viterbi

Malware, viruses, spyware, bots and more! Hackers have many tools at their disposal to ruin your day through your vulnerable technology. As we become increasingly dependent on internet-driven products (e.g., phone, computer, smart home), and everything from toasters to toothbrushes can be connected to the internet, we must be ever vigilant against malicious attacks.
Preventing such attacks is the goal of a group of researchers in the Binary Analysis and Systems Security (BASS) group at USC Viterbi’s Information Sciences Institute (ISI). They will be presenting their new paper, written in collaboration with Arizona State University, at the upcoming 35th Annual USENIX Security Symposium, one of the premier conferences in the cybersecurity space, held August 10-12 in Boston, Mass.
“This paper is about vulnerability discovery, which is finding security bugs in software that attackers or hackers could exploit to get control of remote systems, leak information, or any number of bad things,” said co-author and co-advisor Christophe Hauser, a research computer scientist at ISI and research lead.
Co-author Nicolaas Weideman adds that, in particular, it’s about automated vulnerability discovery. “Because computer programs are so large and complicated these days, we’d like to automatically detect these vulnerabilities instead of having a human expert analyzing the program to find them.”
Searching for bugs in the zeros and ones
The paper proposes a novel technique for automated vulnerability discovery at the binary level. Hauser explains, “One of the specificities of this research is that we analyzed software not at the source code level, but we actually analyzed it at the binary level, the executable code. These are instructions that talk directly to the machine, they’re not instructions meant for humans to understand.”
Current state-of-the-art binary program analysis approaches are limited by inherent trade-offs between accuracy and scalability. Static vulnerability detection techniques – the analysis of a program without actually running it – are limited in how accurate they can be. While dynamic vulnerability detection…