Towards the exploitability escalation for software vulnerabilities

Project: Research project

Project Details

Description

The development of static and dynamic analysis tools has significantly improved security analysts' ability to find software bugs. However, analysts still lack effective and efficient methods for determining whether an identified bug is exploitable. Today, exploitability assessment relies heavily on each analyst's own expertise and experience. As a result, a bug whose exploitability has not yet been demonstrated is not necessarily unexploitable. Our past research indicates that determining exploitability requires tackling three critical technical challenges: (1) tracking down useful exploitation primitives, (2) bypassing the exploit mitigations and protections that are commonly deployed, and (3) preventing unexpected program termination.

To this end, I propose a series of technical approaches that ease the development of working exploits and escalate a security analyst's capability to assess the exploitability of vulnerabilities. Specifically, I conduct this research from three aspects. First, I developed automated techniques to explore the primitives needed for exploitation. Using the identified primitives, I then designed and developed technical solutions that help a security analyst bypass security mitigations and thus explore the possibility of performing exploitation. Looking ahead, I will explore practical approaches to preventing unexpected termination during vulnerability exploitation.

In the past two years, my research has primarily focused on useful-primitive identification and mitigation circumvention. As of submitting this updated proposal, my students and I have built two open-source systems, ELOISE and GREBE, and the corresponding research results have been published at top-tier security conferences (IEEE S&P and CCS). As mentioned above, this proposal will focus on the last stage of the research: exploring solutions that stabilize exploitation and thus prevent unexpected termination in an exploitation pr
Status: Finished
Effective start/end date: 1/7/22 to 1/6/24

Funding

  • Office of Naval Research (N00014-22-1-2158/P00003)
