Modern software systems require the support of automatic program analyses to answer questions about their correctness, reliability, and safety. In recent years, symbolic execution techniques have played a pivotal role in this field, backing research in different domains such as software testing and software security. Like other powerful machine analyses, symbolic execution is often affected by efficiency and scalability issues that can be mitigated when a domain expert interacts with its working, steering the computation to achieve the desired goals faster. In this paper we explore how visual analytics techniques can help the user to grasp properties of the ongoing analysis and use such insights to refine the symbolic exploration process. To this end, we discuss two real-world usage scenarios from the malware analysis and the vulnerability detection domains, showing how our prototype system can help users make a wiser use of symbolic exploration techniques in the analysis of binary code.
SymNav: Visually Assisting Symbolic Execution / Angelini, Marco; Blasilli, Graziano; Borzacchiello, Luca; Coppa, Emilio; D'Elia, DANIELE CONO; Demetrescu, Camil; Lenti, Simone; Nicchi, Simone; Santucci, Giuseppe. - (2019). (Intervento presentato al convegno 16th IEEE Symposium on Visualization for Cyber Security (VizSec 2019) tenutosi a Vancouver, Canada) [10.1109/VizSec48167.2019.9161524].
SymNav: Visually Assisting Symbolic Execution
Marco Angelini
;Graziano Blasilli
;Luca Borzacchiello
;Emilio Coppa
;Daniele Cono D’Elia
;Camil Demetrescu
;Simone Lenti
;Simone Nicchi
;Giuseppe Santucci
2019
Abstract
Modern software systems require the support of automatic program analyses to answer questions about their correctness, reliability, and safety. In recent years, symbolic execution techniques have played a pivotal role in this field, backing research in different domains such as software testing and software security. Like other powerful machine analyses, symbolic execution is often affected by efficiency and scalability issues that can be mitigated when a domain expert interacts with its working, steering the computation to achieve the desired goals faster. In this paper we explore how visual analytics techniques can help the user to grasp properties of the ongoing analysis and use such insights to refine the symbolic exploration process. To this end, we discuss two real-world usage scenarios from the malware analysis and the vulnerability detection domains, showing how our prototype system can help users make a wiser use of symbolic exploration techniques in the analysis of binary code.| File | Dimensione | Formato | |
|---|---|---|---|
|
Angelini_postprint_SymNav_2019.pdf
accesso aperto
Note: https://ieeexplore.ieee.org/document/9161524
Tipologia:
Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.41 MB
Formato
Adobe PDF
|
1.41 MB | Adobe PDF | |
|
Angelini_SymNav_2019.pdf
solo gestori archivio
Tipologia:
Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
1.4 MB
Formato
Adobe PDF
|
1.4 MB | Adobe PDF | Contatta l'autore |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
