Automated exploit generation - A survey of the research frontier
Publish date: 2019-03-25
Report number: FOI-R--4737--SE
Written in: Swedish
- automated exploit generation
Automated exploit generation comprises two steps: (1) some form of automated code analysis identifies software errors that have security implications, and (2) another automated tool analyses each identified error and produces an exploit that uses it as an attack vector. Successful experiments with systems of this type have been described, and companies focused on the technique have been founded, among others by the team behind the winning entry in DARPA's Cyber Grand Challenge. This report is based on a literature review of publicly available descriptions of working systems for automated exploit generation. The focus was on scientific publications, and the review identified a handful of existing systems. These systems are the product of fairly extensive engineering efforts, consisting mainly of combining existing software components into well-functioning systems for automated exploit generation. The exploits they generate appear to rest solely on relatively easily exploitable vulnerabilities, in particular buffer overflows and format string bugs. The systems have very limited ability to bypass widely deployed exploit mitigations (such as non-executable memory, stack canaries and address-space layout randomization) and can thus be described as working but simple.
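To make concrete what the abstract means by "relatively easily exploitable vulnerabilities", here is an added example (not code from the report or from any of the surveyed systems) of the two bug classes it names, a stack buffer overflow and an attacker-controlled format string, beside a hardened form. The buffer size, the function names and the two step-1-style checks (how far an input would overrun the buffer, how many format conversions it would trigger) are this example's own assumptions. The vulnerable function is only ever called with benign input; exploiting it for real is exactly the step that the mitigations mentioned above (canaries, NX, ASLR) make hard for the surveyed systems.

```c
#include <stdio.h>
#include <string.h>

/* Size of the fixed stack buffer in the target below (assumption for this example). */
#define BUF_SIZE 32

/*
 * Vulnerable target in the style the surveyed systems handle: an unbounded
 * copy into a fixed stack buffer followed by an attacker-controlled format
 * string. Only called here with benign input; a long input would corrupt
 * the stack and a "%n" directive would write to memory.
 */
void vulnerable_echo(const char *input)
{
    char buf[BUF_SIZE];
    strcpy(buf, input);   /* stack buffer overflow: no length check */
    printf(buf);          /* format string bug: input used as the format */
    putchar('\n');
}

/* Hardened form: bounded copy and a literal format string.
   Returns the number of bytes actually stored (always < BUF_SIZE). */
size_t hardened_echo(const char *input)
{
    char buf[BUF_SIZE];
    snprintf(buf, sizeof buf, "%s", input);  /* truncates, always NUL-terminates */
    printf("%s\n", buf);                     /* format is a literal */
    return strlen(buf);
}

/* Step-1 style check: how many bytes of this input (NUL included) would land
   past the end of the fixed buffer if strcpy'd into it. 0 means it fits. */
size_t overflow_bytes(const char *input)
{
    size_t needed = strlen(input) + 1;     /* include the terminating NUL */
    return needed > BUF_SIZE ? needed - BUF_SIZE : 0;
}

/* Step-1 style check: how many format conversions printf(input) would
   perform. "%%" is a literal percent sign and does not count. */
int format_directives(const char *input)
{
    int n = 0;
    for (const char *p = input; *p; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {   /* "%%" prints a single '%' */
            p++;
            continue;
        }
        n++;
    }
    return n;
}

int main(void)
{
    char long_input[64];                      /* constructed input: 40 'A's */
    memset(long_input, 'A', 40);
    long_input[40] = '\0';

    vulnerable_echo("hello");                 /* benign: fits and has no '%' */
    printf("overflow by %zu bytes\n", overflow_bytes(long_input));
    printf("format directives: %d\n", format_directives("%x%x%n"));
    printf("stored %zu bytes\n", hardened_echo(long_input));
    return 0;
}
```

The two check functions stand in for the bug-finding half of the pipeline; in the real systems that role is played by automated program analysis over the whole binary, and the second half turns a found crash into a working input, which is where the mitigations listed above get in the way.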