Conference: IEEE International Conference on Software Maintenance and Evolution

Atlantis: Improving the Analysis and Visualization of Large Assembly Execution Traces


Abstract

Assembly execution trace analysis is an effective approach for discovering potential software vulnerabilities. However, the size of the execution traces and the lack of source code make this a manual, labor-intensive process. Instead of browsing billions of instructions one by one, software security analysts need higher-level information that can provide an overview of the execution of a program to assist in the identification of patterns of interest. The tool we present in this paper, Atlantis, is our trace analysis environment for multi-gigabyte assembly traces, and it contains a number of new features that make it particularly successful in meeting this goal. The contributions of this continuous work fall into three main categories: a) the ability to efficiently reconstruct and navigate the memory state of a program at any point in a trace; b) the ability to reconstruct and navigate functions and processes; and c) a powerful search facility to query and navigate traces. These contributions are not only novel for Atlantis but also for the field of assembly trace analysis. Software is becoming increasingly complex and many applications are designed as collaborative systems or modules interacting with each other, which makes the discovery of vulnerabilities extremely difficult. With the novel features we describe in this paper, our tool extends the security analyst's ability to investigate vulnerabilities of real-world large execution traces and can lay the groundwork for supporting trace analysis of interacting programs in the future.