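% DIMVA 2016 conference paper on combining dynamic symbolic execution with fuzzing.
% Names use the unambiguous "Last, First" form; the DOI is stored bare, without LaTeX escapes.
@inproceedings{38ed9cb6ab5449eda891d31523b8d4e5,
  author    = {B{\"o}ttinger, Konstantin and Eckert, Claudia},
  title     = {Deepfuzz: Triggering vulnerabilities deeply hidden in binaries},
  editor    = {Caballero, Juan and Zurutuza, Urko and Rodr{\'i}guez, Ricardo J.},
  booktitle = {Detection of Intrusions and Malware, and Vulnerability Assessment - 13th International Conference, DIMVA 2016, Proceedings},
  series    = {Lecture Notes in Computer Science},
  publisher = {Springer Verlag},
  pages     = {25--34},
  year      = {2016},
  doi       = {10.1007/978-3-319-40667-1_2},
  isbn      = {9783319406664},
  language  = {English},
  keywords  = {Concolic execution, Fuzzing, Random testing},
  abstract  = {We introduce a new method for triggering vulnerabilities in deep layers of binary executables and facilitate their exploitation. In our approach we combine dynamic symbolic execution with fuzzing techniques. To maximize both the execution path depth and the degree of freedom in input parameters for exploitation, we define a novel method to assign probabilities to program paths. Based on this probability distribution we apply new path exploration strategies. This facilitates payload generation and therefore vulnerability exploitation.},
  note      = {Publisher Copyright: {\textcopyright} Springer International Publishing Switzerland 2016.; 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2016 ; Conference date: 07-07-2016 Through 08-07-2016},
}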