AAHEG: Automatic Advanced Heap Exploit Generation Based on Abstract Syntax Tree

AAHEG: Automatic Advanced Heap Exploit Generation Based on Abstract Syntax Tree

Automatic Exploit Generation (AEG) involves automatically discovering paths in a program that trigger vulnerabilities, thereby generating exploits. While there is considerable research on heap-related vulnerability detection, such as detecting Heap Overflow and Use After Free (UAF) vulnerabilities,...

Full description

Bibliographic Details
Main Authors:	Yu Wang, Yipeng Zhang, Zhoujun Li
Format:	Article
Language:	English
Published:	MDPI AG 2023-12-01
Series:	Symmetry
Subjects:	automatic exploit generation heap-related vulnerability fuzzing symbolic execution abstract syntax tree
Online Access:	https://www.mdpi.com/2073-8994/15/12/2197

Similar Items

From proof-of-concept to exploitable
by: Yan Wang, et al.
Published: (2019-03-01)

EtWExplorer: Multi-Priority Scheduling Path Exploration Technology Based on Abstract Syntax Tree Analysis
by: Xinglu He, et al.
Published: (2022-10-01)

AFL++: A Vulnerability Discovery and Reproduction Framework
by: Guofeng He, et al.
Published: (2024-02-01)

Smart Contract Vulnerability Detection Based on Abstract Syntax Tree Pruning
by: LIU Zerun, ZHENG Hong, QIU Junjie
Published: (2023-04-01)

Abstract predicate entailment over points-to heaplets is syntax recognition
by: Rene Haberland, et al.
Published: (2016-04-01)

Exploratory Review of Hybrid Fuzzing for Automated Vulnerability Detection
by: Fayozbek Rustamov, et al.
Published: (2021-01-01)

Automatic Exploitation of Fully Randomized Executables
by: Gadient, Austin, et al.
Published: (2019)

DeepDiver: Diving into Abysmal Depth of the Binary for Hunting Deeply Hidden Software Vulnerabilities
by: Fayozbek Rustamov, et al.
Published: (2020-04-01)

ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities
by: Yu Zhang, et al.
Published: (2021-07-01)

Deep Forest and Pruned Syntax Tree-Based Classification Method for Java Code Vulnerability
by: Jiaman Ding, et al.
Published: (2023-01-01)

ObFuzzer: Object-Oriented Hybrid Fuzzer for Binaries
by: Xinglu He, et al.
Published: (2022-09-01)

BugMiner: Mining the Hard-to-Reach Software Vulnerabilities through the Target-Oriented Hybrid Fuzzer
by: Fayozbek Rustamov, et al.
Published: (2020-12-01)

AEMB: An Automated Exploit Mitigation Bypassing Solution
by: Ruipeng Wang, et al.
Published: (2021-10-01)

CanaryExp: A Canary-Sensitive Automatic Exploitability Evaluation Solution for Vulnerabilities in Binary Programs
by: Hui Huang, et al.
Published: (2023-11-01)

A syntax-semantics interface for Tree-Adjoining Grammars through Abstract Categorial Grammars
by: Sylvain Pogodalla
Published: (2018-04-01)

A Novel Network Protocol Syntax Extracting Method for Grammar-Based Fuzzing
by: Huashan Li, et al.
Published: (2024-03-01)

Deep Learning With Customized Abstract Syntax Tree for Bug Localization
by: Hongliang Liang, et al.
Published: (2019-01-01)

ShadowBug: Enhanced Synthetic Fuzzing Benchmark Generation
by: Zhengxiang Zhou, et al.
Published: (2024-01-01)

SHFuzz: Selective Hybrid Fuzzing with Branch Scheduling Based on Binary Instrumentation
by: Xianya Mi, et al.
Published: (2020-08-01)

Grammar-aware test case trimming for efficient hybrid fuzzing
by: Yiru Zhao, et al.
Published: (2024-01-01)

SwitchFuzz: Switch Short-Term Goals in Directed Grey-Box Fuzzing
by: Ziheng He, et al.
Published: (2022-11-01)

The memory forensic research oriented to segment heap in Windows 10 system
by: ZHAI Jiqiang, et al.
Published: (2021-10-01)

Fuzzing: a survey
by: Jun Li, et al.
Published: (2018-06-01)

Investigation of Liquid Channeling in Heap by Tracer Test
by: Tatsuya SHINKAWA, et al.
Published: (2017-12-01)

FirmHunter: State-Aware and Introspection-Driven Grey-Box Fuzzing towards IoT Firmware
by: Qidi Yin, et al.
Published: (2021-09-01)

PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization
by: Chen Chen, et al.
Published: (2021-01-01)

Abstract-Syntax-Driven Development of Oberon-0 Using YAJCo
by: Sergej Chodarev, et al.
Published: (2019-01-01)

Automatic text summarization /
by: Torres-Moreno, Juan-Manuel
Published: (2014)

Abstraction between the Symbol and the Code in the Artistic Painting
by: Sahar Abdel-Kazem Ghanem
Published: (2020-03-01)

LearnAFL: Greybox Fuzzing With Knowledge Enhancement
by: Tai Yue, et al.
Published: (2019-01-01)

Machine Learning-Based Fuzz Testing Techniques: A Survey
by: Ao Zhang, et al.
Published: (2024-01-01)

SpotFuzz: Fuzzing Based on Program Hot-Spots
by: Haibo Pang, et al.
Published: (2021-12-01)

Automated Vulnerability Discovery and Exploitation in the Internet of Things
by: Zhongru Wang, et al.
Published: (2019-07-01)

Heaps’ Law and Heaps functions in tagged texts: evidences of their linguistic relevance
by: A. Chacoma, et al.
Published: (2020-03-01)

Heaping at Round Numbers on Financial Questions: The Role of Satisficing
by: Michael Gideon, et al.
Published: (2017-08-01)

Analysis of Program Representations Based on Abstract Syntax Trees and Higher-Order Markov Chains for Source Code Classification Task
by: Artyom V. Gorchakov, et al.
Published: (2023-09-01)

The construction of syntax trees using external data for partially formalized text documents
by: Kirill Chuvilin
Published: (2016-11-01)

Monitoring and Controlling Saturation Zones in Heap Leach Piles Using Thermal Analysis
by: Omar Daud, et al.
Published: (2021-01-01)

Microbiology of Composting Pig Waste: Comparison of Vermicomposting and Open Heap Techniques
by: Ogefere, H. O., et al.
Published: (2010-01-01)

An efficient method of matrix multiplication for heaps of pieces
by: Ware, Simon, et al.
Published: (2018)