Title: Design and Implement of Automatic Exploit Generation Process
Authors: Lin, Cheng-Te
Huang, Shin-Kun
Institute of Computer Science and Engineering
Keywords: Automatic Exploit Generation; Symbolic Execution
Issue Date: 2017
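Abstract: With the development of information technology and the widespread use of the Internet, a large number of applications and services connect and communicate over the network. However, these applications and services may contain software vulnerabilities that malicious parties can exploit over the network, creating threats. The field of information security can be divided into two directions, defense and attack. Defensive research mainly aims to avoid or reduce harm through software testing and vulnerability patching, while offensive research focuses on how to exploit software vulnerabilities effectively. Automatic exploit generation belongs to offensive research.
We previously developed an automatic exploit generation platform called CRAX. CRAX uses whole-system symbolic execution and can exploit vulnerabilities in the low-level kernel and in large software, but because of the whole-system emulation it must record the complete kernel state, which makes its operation cumbersome and its usability low. To improve the usability of CRAX, we implemented a Python API that automates the CRAX workflow. With this automatic exploit generation API, users can automatically generate large amounts of exploit test data.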
With the development of information technology and the popularity of the Internet, client applications and services communicate with each other over the network. However, these applications may contain software vulnerabilities that can be exploited, resulting in security threats. Security research has two directions, defense and attack. Defense research mainly focuses on avoiding and reducing security risks through software testing and vulnerability repair. Attack research focuses on how to exploit software vulnerabilities effectively. Automatic exploit generation is one of the main areas of attack research.
We previously developed an automatic exploit generation platform called CRAX. CRAX inherits some good features from its underlying platform, but it also inherits some bad ones, especially the cumbersome operation process. To improve the usability of CRAX, this study implements a Python API that automates the operation process of CRAX. With this automatic exploit generation API, users can easily exploit a large number of programs at once.
URI: http://etd.lib.nctu.edu.tw/cdrfb3/record/nctu/#GT070356017
http://hdl.handle.net/11536/142292
Appears in Collections: Thesis