KRover: A symbolic execution engine for dynamic kernel analysis

We present KRover, a novel kernel symbolic execution engine catered for dynamic kernel analysis such as vulnerability analysis and exploit generation. Different from existing symbolic execution engines, KRover operates directly upon a live kernel thread's virtual memory and weaves symbolic exec...

Bibliographic Details
Main Authors: PITIGALA ARACHCHILLAGE, Pansilu Madhura Bhashana Pitigalaarachchi, DING, Xuhua, QIU, Haiqing, TU, Haoxin, HONG, Jiaqi, JIANG, Lingxiao
Format: text
Language: English
Published: Institutional Knowledge at Singapore Management University 2023
Subjects:
Online Access: https://ink.library.smu.edu.sg/sis_research/8469
https://ink.library.smu.edu.sg/context/sis_research/article/9472/viewcontent/3576915.3623198.pdf
Institution: Singapore Management University
id sg-smu-ink.sis_research-9472
record_format dspace
spelling sg-smu-ink.sis_research-9472
2024-01-11T07:30:07Z
2023-11-01T07:00:00Z
text
application/pdf
https://ink.library.smu.edu.sg/sis_research/8469
info:doi/10.1145/3576915.3623198
https://ink.library.smu.edu.sg/context/sis_research/article/9472/viewcontent/3576915.3623198.pdf
http://creativecommons.org/licenses/by-nc-nd/4.0/
Research Collection School Of Computing and Information Systems
eng
Institutional Knowledge at Singapore Management University
dynamic kernel analysis
symbolic execution
Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic dynamic kernel analysis
symbolic execution
Information Security
description We present KRover, a novel kernel symbolic execution engine catered for dynamic kernel analysis such as vulnerability analysis and exploit generation. Different from existing symbolic execution engines, KRover operates directly upon a live kernel thread's virtual memory and weaves symbolic execution into the target's native executions. KRover is compact as it neither lifts the target binary to an intermediary representation nor uses QEMU or dynamic binary translation. Benchmarked against S2E, our performance experiments show that KRover is up to 50 times faster but with one tenth to one quarter of S2E memory cost. As shown in our four case studies, KRover is noise free, has the best-possible binary intimacy and does not require prior kernel instrumentation. Moreover, a user can develop her kernel analyzer that not only uses KRover as a symbolic execution library but also preserves its independent capabilities of reading/writing/controlling the target runtime. Namely, the resulting analyzer on top of KRover integrates symbolic reasoning and conventional dynamic analysis and reaps the benefits of their reinforcement to each other.
format text
author PITIGALA ARACHCHILLAGE, Pansilu Madhura Bhashana Pitigalaarachchi
DING, Xuhua
QIU, Haiqing
TU, Haoxin
HONG, Jiaqi
JIANG, Lingxiao
title KRover: A symbolic execution engine for dynamic kernel analysis
publisher Institutional Knowledge at Singapore Management University
publishDate 2023
url https://ink.library.smu.edu.sg/sis_research/8469
https://ink.library.smu.edu.sg/context/sis_research/article/9472/viewcontent/3576915.3623198.pdf
_version_ 1789483242674454528