The Institute of Electrical and Electronics Engineers (IEEE) recently honored the founders of ForAllSecure with its prestigious Test-of-Time award for a paper first published in May 2012 by ForAllSecure founders David Brumley, Thanassis Avgerinos, and Alex Rebert, along with Sang Kil Cha. The award was presented at the 43rd Annual IEEE Security & Privacy Symposium on May 20 in San Francisco, CA.
The paper, Unleashing Mayhem on Binary Code, describes Mayhem, which the abstract says is "a new system for automatically finding exploitable bugs in binary (i.e., executable) programs." The abstract continues, "Every bug reported by Mayhem is accompanied by a working shell-spawning exploit. The working exploits ensure soundness and that each bug report is security-critical and actionable. Mayhem works on raw binary code without debugging information. To make exploit generation possible at the binary-level, Mayhem addresses two major technical challenges: actively managing execution paths without exhausting memory, and reasoning about symbolic memory indices, where a load or a store address depends on user input."
The paper proposes two unique techniques for accomplishing this. The first uses hybrid symbolic execution to combine online and offline (concolic) execution, maximizing the benefits of both techniques. The second technique is the introduction of index-based memory modeling, a technique that allows Mayhem to efficiently reason about symbolic memory at the binary level. This technology is used in the commercial product, Mayhem, available for free today.
The IEEE Security & Privacy symposium initiated the Test-of-Time Award last year to recognize papers that have made a lasting impact on the field of security. To qualify for this award, a paper must have been published at the IEEE Symposium on Security and Privacy between 10 and 12 years prior. Each year, the awards selection committee is charged with selecting one or more winners from among the eligible set using their own experience and knowledge.