Shiqi Shen (National University of Singapore), Shweta Shinde (National University of Singapore), Soundarya Ramesh (National University of Singapore), Abhik Roychoudhury (National University of Singapore), Prateek Saxena (National University of Singapore)

Symbolic execution is a powerful technique for program analysis. However, it has many limitations in practical applicability: the path explosion problem encumbers scalability, the need for language-specific implementation, the inability to handle complex dependencies, and the limited expressiveness of theories supported by underlying satisfiability checkers. Often, relationships between variables of interest are not expressible directly as purely symbolic constraints. To this end, we present a new approach—neuro-symbolic execution—which learns an approximation of the relationship between program values of interest, as a neural network. We develop a procedure for checking satisfiability of mixed constraints, involving both symbolic expressions and neural representations. We implement our new approach in a tool called NeuEx as an extension of KLEE, a state-of-the-art dynamic symbolic execution engine. NeuEx finds 33 exploits in a benchmark of 7 programs within 12 hours. This is an improvement in the bug finding efficacy of 94% over vanilla KLEE. We show that this new approach drives execution down difficult paths on which KLEE and other DSE extensions get stuck, eliminating limitations of purely SMT-based techniques.

View More Papers

Oligo-Snoop: A Non-Invasive Side Channel Attack Against DNA Synthesis...

Sina Faezi (University of California, Irvine), Sujit Rokka Chhetri (University of California, Irvine), Arnav Vaibhav Malawade (University of California, Irvine), John Charles Chaput (University of California, Irvine), William Grover (University of California, Riverside), Philip Brisk (University of California, Riverside), Mohammad Abdullah Al Faruque (University of California, Irvine)

Read More

Privacy Attacks to the 4G and 5G Cellular Paging...

Syed Rafiul Hussain (Purdue University), Mitziu Echeverria (University of Iowa), Omar Chowdhury (University of Iowa), Ninghui Li (Purdue University), Elisa Bertino (Purdue University)

Read More

On the Challenges of Geographical Avoidance for Tor

Katharina Kohls (Ruhr-University Bochum), Kai Jansen (Ruhr-University Bochum), David Rupprecht (Ruhr-University Bochum), Thorsten Holz (Ruhr-University Bochum), Christina Pöpper (New York University Abu Dhabi)

Read More

TEE-aided Write Protection Against Privileged Data Tampering

Lianying Zhao (Concordia University), Mohammad Mannan (Concordia University)

Read More