Skip to content

jkrshnmenon/arbiter

Repository files navigation

Arbiter

Arbiter is a combination of static and dynamic analyses, built on top of angr, that can be used to detect some vulnerability classes.

All you need to use Arbiter is a sink that can be identified statically (like a call to a specific function), and a property that should not be violated at this sink. Arbiter can then be used to detect if this property is violated at any of the corresponding sinks in the binary.

Overview

overview image

Research paper

We present our approach and the findings of this work in the following research paper:

Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs

Jayakrishna Vadayath, Moritz Eckert, Kyle Zeng, Nicolaas Weideman, Gokulkrishna Praveen Menon, Yanick Fratantonio, Davide Balzarotti, Adam Doupé, Tiffany Bao, Ruoyu Wang, Christophe Hauser and Yan Shoshitaishvili

In Proceedings of USENIX Security Symposium August 2022,

If you use Arbiter in a scientific publication, we would appreciate citations using the following Bibtex entry:

@inproceedings {vadayath_arbiter_22,
	title        = {{Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs}},
	author       = {Vadayath, Jayakrishna and Eckert, Moritz and Zeng, Kyle and Weideman, Nicolaas and Menon, Gokulkrishna Praveen and Fratantonio, Yanick and Balzarotti, Davide and Doup{\'e}, Adam and Bao, Tiffany and Wang, Ruoyu and Hauser, Christophe and Shoshitaishvili, Yan}
	booktitle    = {31st USENIX Security Symposium (USENIX Security 22)},
	month        = aug,
	year         = 2022,
	address      = {Boston, MA},
}

Paper

Slides

Installation

python setup.py build && python setup.py install

Docker image

docker pull 4rbit3r/arbiter:latest

Arbiter examples

This repository contains some examples of using Arbiter to detect different CWE types in the examples directory.

It also contains templates that were used for evaluating Arbiter on the Juliet Test suite as well as real world binaries in the vuln_templates directory.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published