Pangr: A Behavior-Based Automatic Vulnerability Detection and Exploitation Framework
Citations Over Time
Abstract
Nowadays, with the size and complexity of software increasing rapidly, vulnerabilities are becoming diversified and hard to identify. It is unpractical to detect and exploit vulnerabilities by manual construction. Therefore, an efficient automatic method of detecting and exploiting software vulnerability is in critical demand. This paper implements Pangr, an entire system for automatic vulnerability detection, exploitation, and patching. Pangr builds a complete vulnerability model based on its triggering behavior to identify vulnerabilities and generate exp or exploit schemes. According to the type and feature of the vulnerability, Pangr can generate the specific patch for the software. In the experiment, we tested 20 vulnerable programs on 32-bit Linux machine. Pangr detected 16 vulnerabilities, generated 10 exp, and patched 14 programs.
Related Papers
- → Modeling and Characterizing Software Vulnerabilities(2017)33 cited
- → Software Vulnerabilities Integrated Management System(2020)5 cited
- → Zero Day Vulnerabilities Assessments, Exploits Detection, and Various Design Patterns in Cyber Software(2023)2 cited
- Static Analysis and Program Verification Techniques to Improve Software Security Vulnerability Protection(2012)