Concolic execution is a dynamic twist of symbolic execution de-
signed with scalability in mind. Recent concolic executors heavily
rely on program instrumentation to achieve such scalability. The
instrumentation code can be added at compilation time (e.g., using
an LLVM pass), or directly at execution time with the help of a
dynamic binary translator. The former approach results in more ef-
ficient code but requires recompilation. Unfortunately, recompiling
the entire code of a program is not always feasible or practical (e.g.,
in presence of third-party components). On the contrary, the latter
approach does not require recompilation but incurs significantly
higher execution time overhead.
In this paper, we investigate a hybrid instrumentation approach
for concolic execution, called SymFusion. In particular, this hybrid
instrumentation approach allows the user to recompile the core
components of an application, thus minimizing the analysis over-
head on them, while still being able to dynamically instrument the
rest of the application components at execution time. Our experi-
mental evaluation shows that our design can achieve a nice balance
between efficiency and efficacy on several real-world applications
Dettaglio pubblicazione
2022, Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE 2022), Pages -
SymFusion: Hybrid Instrumentation for Concolic Execution (04b Atto di convegno in volume)
Coppa Emilio, Yin Heng, Demetrescu Camil
Gruppo di ricerca: Cybersecurity
keywords