Show simple item record

dc.contributor.advisorNickolai Zeldovich.en_US
dc.contributor.authorValdez, Steven (Steven D.)en_US
dc.contributor.otherMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.en_US
dc.date.accessioned2016-01-04T19:59:24Z
dc.date.available2016-01-04T19:59:24Z
dc.date.copyright2015en_US
dc.date.issued2015en_US
dc.identifier.urihttp://hdl.handle.net/1721.1/100620
dc.descriptionThesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2015.en_US
dc.descriptionThis electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.en_US
dc.descriptionTitle as it appears in MIT Commencement Exercises program, June 5, 2015: Fuzzing through a concolic execution system in PIN Cataloged from student-submitted PDF version of thesis.en_US
dc.descriptionIncludes bibliographical references (pages 61-62).en_US
dc.description.abstractIn this thesis, I designed and implemented Confuzzer, a system that fuzzes certain classes of closed source binaries using Concolic Execution techniques in order to find vulnerable inputs into programs that could be leveraged by attackers to compromise systems that the binary might be running on. The design of this system allows improved performance on fuzzing programs that have a large branching factor or are heavily based on complex conditionals determining control flow. The system is designed around a Taint/Crash Analysis tool combined with a Path Exploration system to generate symbolic representations of the paths, generating a new set of inputs to be tested. These are implemented using a combination of Intel PIN for the Taint Analysis and Python/z3 for the Path Exploration. Results show that while this system is very slow in instrumenting each run of the binary, we are able to reduce the search space to a manageable level compared to other existing tools.en_US
dc.description.statementofresponsibilityby Steven Valdez.en_US
dc.format.extent62 pagesen_US
dc.language.isoengen_US
dc.publisherMassachusetts Institute of Technologyen_US
dc.rightsM.I.T. theses are protected by copyright. They may be viewed from this source for any purpose, but reproduction or distribution in any format is prohibited without written permission. See provided URL for inquiries about permission.en_US
dc.rights.urihttp://dspace.mit.edu/handle/1721.1/7582en_US
dc.subjectElectrical Engineering and Computer Science.en_US
dc.titlePerforming binary fuzzing using concolic executionen_US
dc.title.alternativeFuzzing through a concolic execution system in PINen_US
dc.typeThesisen_US
dc.description.degreeM. Eng.en_US
dc.contributor.departmentMassachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
dc.identifier.oclc932641731en_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record