Cisco – Automated Discovery of Memory Corruption Vulnerabilities

963632 Project in Information Security
Winter 5776 (2015/16)
Analysis and reverse engineering of binary code is a necessary step in determining if embedded
devices contain possible security vulnerabilities. This process is expensive in both time and
effort. It may be possible to perform some analysis operations automatically, thereby reducing
the overall cost of analysis.
This project will use the Angr (http://angr.io) binary analysis platform, developed by the
Computer Security Lab at UC Santa Barbara, to implement automated discovery of certain types
of memory corruption vulnerabilities. Angr is written in Python.
The project has two phases. First, the call sites of, and the arguments passed to, common
memory-operation functions (such as memcpy and strcpy) are analyzed to determine whether each
call is potentially vulnerable. Second, the argument data is traced backwards to input functions
in order to determine whether the memory operation can be influenced by external program input.
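The following Python sketch is an added illustration of the two phases, not code from the proposal and not angr's API: a constructed straight-line IR (registers defined by constants, moves, adds and calls) stands in for the program representation angr would provide. Phase 1 picks out call sites of memory operations and inspects the argument that controls how much is written (the length, or the source buffer for implicit-length copies such as strcpy); phase 2 follows that argument's definition chain backwards and reports whether it originates in an input function. The function sets, the register names and the sample program are all assumptions chosen for the example.

```python
"""Toy model of the two-phase analysis (constructed example, not angr)."""
from dataclasses import dataclass, field
from typing import List, Optional

# Memory-operation functions -> index of the length argument.  None means the
# copy length is implicit (strcpy copies to the NUL), so the argument to inspect
# is the source buffer (index 1) instead.
MEM_OPS = {"memcpy": 2, "memmove": 2, "strncpy": 2, "strcpy": None}

# External-input functions -> index of the buffer argument they fill
# (None when only the return value carries input, e.g. getenv()).
INPUT_FUNCS = {"recv": 1, "read": 1, "fread": 0, "fgets": 0, "getenv": None}


@dataclass
class Insn:
    op: str                                 # "const" | "mov" | "add" | "call"
    dst: Optional[str] = None               # register written (return value for calls)
    srcs: List[str] = field(default_factory=list)  # registers read / call arguments
    fn: Optional[str] = None                # callee name for "call"
    value: Optional[int] = None             # literal for "const"


def trace_to_input(insns, defs, reg, seen=None):
    """Phase 2: walk the def-use chain of `reg` backwards.  Returns the name of
    the input function that ultimately produced the value, or None."""
    if seen is None:
        seen = set()
    if reg in seen or reg not in defs:
        return None
    seen.add(reg)
    insn = insns[defs[reg]]
    if insn.op == "const":
        return None                         # literal: not attacker-controlled
    if insn.op == "call" and insn.fn in INPUT_FUNCS:
        return insn.fn                      # reached an input source
    # mov/add, and calls we do not model (e.g. strlen): the result may depend
    # on any operand/argument, so propagate conservatively through all of them.
    for src in insn.srcs:
        hit = trace_to_input(insns, defs, src, seen)
        if hit:
            return hit
    return None


def find_memory_ops(insns):
    """Phase 1: locate memory-operation call sites and classify the controlling
    argument; then run phase 2 on the ones that are not fixed by a constant."""
    findings = []
    defs = {}                               # register -> index of its current definition
    for idx, insn in enumerate(insns):
        if insn.op == "call" and insn.fn in MEM_OPS:
            len_idx = MEM_OPS[insn.fn]
            arg = insn.srcs[1] if len_idx is None else insn.srcs[len_idx]
            definer = insns[defs[arg]] if arg in defs else None
            potential = not (definer is not None and definer.op == "const")
            source = trace_to_input(insns, defs, arg) if potential else None
            findings.append({"site": idx, "fn": insn.fn, "arg": arg,
                             "potential": potential, "input_source": source})
        # Record what this instruction defines for later call sites.
        if insn.dst is not None:
            defs[insn.dst] = idx
        if insn.op == "call" and insn.fn in INPUT_FUNCS:
            buf_idx = INPUT_FUNCS[insn.fn]
            if buf_idx is not None:
                defs[insn.srcs[buf_idx]] = idx  # buffer now holds external data
    return findings


def input_controlled_sites(insns):
    """Call-site indices whose memory operation is reachable from external input."""
    return [f["site"] for f in find_memory_ops(insns) if f["input_source"]]


# Constructed sample program (assumed register names, not from any real binary).
PROGRAM = [
    Insn("const", "r_fd", value=3),
    Insn("const", "r_buf", value=0x1000),                       # stack buffer address
    Insn("const", "r_cap", value=256),
    Insn("const", "r_flags", value=0),
    Insn("call", "r_len", ["r_fd", "r_buf", "r_cap", "r_flags"], fn="recv"),
    Insn("const", "r_four", value=4),
    Insn("add", "r_n", ["r_len", "r_four"]),                    # n = len + 4
    Insn("const", "r_dst", value=0x2000),
    Insn("call", None, ["r_dst", "r_buf", "r_n"], fn="memcpy"),      # site 8: length from recv
    Insn("const", "r_sixteen", value=16),
    Insn("call", None, ["r_dst", "r_buf", "r_sixteen"], fn="memcpy"),  # site 10: constant length
    Insn("call", None, ["r_dst", "r_buf"], fn="strcpy"),             # site 11: source filled by recv
    Insn("const", "r_local", value=0x3000),
    Insn("call", "r_k", ["r_local"], fn="strlen"),                   # length of an untainted local
    Insn("call", None, ["r_dst", "r_local", "r_k"], fn="memcpy"),    # site 14: variable, not input-controlled
]

if __name__ == "__main__":
    for finding in find_memory_ops(PROGRAM):
        print(finding)
    print("input-controlled sites:", input_controlled_sites(PROGRAM))
```

Of the four memory-operation call sites in the sample, only sites 8 and 11 are reported as input-controlled: site 10 is ruled out in phase 1 because its length is a constant, and site 14 survives phase 1 (its length is a call result) but phase 2 finds no input function behind it. The conservative propagation through unmodelled callees such as strlen is what lets a length computed from a received buffer still be caught; on real binaries angr's CFG and def-use information would replace the hand-built `defs` map.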
The output of the project will include the python source code implementing the analysis. Any IP
will remain the property of Cisco.
Relevant fields:
- Binary analysis
- Automated vulnerability detection
- Reverse engineering
Pre-requisites:
- Experience developing code in Python
- Some understanding of memory corruption vulnerabilities
- Familiarity with assembly code for one of the following architectures: ARM, MIPS, x86
Advisor:
Shmarya Rubenstein
Email: srubenst@cisco.com
Phone: 04 856 6611