Identifying and Analyzing Pointer Misuses for Sophisticated Memory-corruption Exploit Diagnosis
Download: Paper (PDF)
Date: 8 Feb 2012
Document Type: Briefing Papers
Additional Documents: Slides
Associated Event: NDSS Symposium 2012
Due to the complexity of the victim programs and sophistication of recent exploits, existing diagnosis techniques either miss important attack steps or report too much irrelevant information. As the key steps in memory-corruption exploits often involve pointer misuses, we proposed PointerScope to automatically infer types on binary execution, detect pointer misuses, and then highlight the key steps of the exploit.