Determining valid inputs for an unknown binary program
First Claim
1. A method to determine valid input sequences for an unknown binary program, the method comprising:
- obtaining a plurality of input sequences of unknown validity for the unknown binary program, each of the input sequences including two or more different inputs, the inputs for the input sequences determined as valid inputs for the unknown binary program, the unknown binary program being unknown based on source code of the unknown binary program being unavailable;
executing an instrumented version of the unknown binary program separately for each input sequence, each execution of the instrumented version of the unknown binary program using one of the input sequences as inputs to the instrumented version of the unknown binary program;
for each execution of the instrumented version of the unknown binary program, generating a set of execution traces by recording execution traces generated by the execution of the instrumented version of the unknown binary program;
generating at least two control flow graphs for at least two execution traces;
comparing the sets of execution traces including comparing the at least two control flow graphs with each other; and
determining which of the plurality of input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces, wherein a valid input sequence includes a first input that is a precondition for a subsequent second input in the valid input sequence.
1 Assignment
0 Petitions
Accused Products
Abstract
A method to determine valid input sequences for an unknown binary program is provided. The method includes obtaining multiple input sequences, which each include two or more different inputs, for an unknown binary program. The inputs for the input sequences may be valid inputs for the unknown binary program. The method may further include executing an instrumented version of the unknown binary program separately for each input sequence. For each execution of the instrumented version of the unknown binary program, a set of execution traces may be generated by recording execution traces generated by the execution of the instrumented version of the unknown binary program. The method may further include comparing the sets of execution traces and determining which of the input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces.
23 Citations
20 Claims
-
1. A method to determine valid input sequences for an unknown binary program, the method comprising:
-
obtaining a plurality of input sequences of unknown validity for the unknown binary program, each of the input sequences including two or more different inputs, the inputs for the input sequences determined as valid inputs for the unknown binary program, the unknown binary program being unknown based on source code of the unknown binary program being unavailable; executing an instrumented version of the unknown binary program separately for each input sequence, each execution of the instrumented version of the unknown binary program using one of the input sequences as inputs to the instrumented version of the unknown binary program; for each execution of the instrumented version of the unknown binary program, generating a set of execution traces by recording execution traces generated by the execution of the instrumented version of the unknown binary program; generating at least two control flow graphs for at least two execution traces; comparing the sets of execution traces including comparing the at least two control flow graphs with each other; and determining which of the plurality of input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces, wherein a valid input sequence includes a first input that is a precondition for a subsequent second input in the valid input sequence. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. One or more non-transitory computer readable media that include instructions that when executed by one or more processors perform operations to determine valid input sequences for an unknown binary program, the operations comprising:
-
obtaining a plurality of input sequences of unknown validity for the unknown binary program, each of the input sequences including two or more different inputs, the inputs for the input sequences determined as valid inputs by the unknown binary program, the unknown binary program being unknown based on source code of the unknown binary program being unavailable; executing an instrumented version of the unknown binary program separately for each input sequence, each execution of the instrumented version of the unknown binary program using one of the input sequences as inputs to the instrumented version of the unknown binary program; for each execution of the instrumented version of the unknown binary program, generating a set of execution traces by recording execution traces generated by the execution of the instrumented version of the unknown binary program; generating at least two control flow graphs for at least two execution traces; comparing the sets of execution traces including comparing the at least two control flow graphs with each other; and determining which of the plurality of input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces, wherein a valid input sequence includes a first input that is a precondition for a subsequent second input in the valid input sequence. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system to determine valid input sequences for an unknown binary program, the system comprising:
-
one or more processors; one or more computer readable media configured to store instructions that when executed by the one or more processors perform operations, the operations comprising; obtaining a plurality of input sequences of unknown validity for the unknown binary program, each of the input sequences including two or more different inputs, the inputs for the input sequences determined as valid inputs for the unknown binary program, the unknown binary program being unknown based on source code of the unknown binary program being unavailable; executing an instrumented version of the unknown binary program separately for each input sequence, each execution of the instrumented version of the unknown binary program using one of the input sequences as inputs to the instrumented version of the unknown binary program; for each execution of the instrumented version of the unknown binary program, generating a set of execution traces by recording execution traces generated by the execution of the instrumented version of the unknown binary program; generating at least two control flow graphs for at least two execution traces; comparing the sets of execution traces including comparing the at least two control flow graphs with each other; and determining which of the plurality of input sequences the unknown binary program accepts as valid based on the comparison of the sets of execution traces, wherein a valid input sequence includes a first input that is a precondition for a subsequent second input in the valid input sequence.
-
Specification