Qingkai Zeng

Code reuse attacks have become one of the most popular exploitation techniques, and coarse-grained control flow integrity (CFI) is a practical approach used to prevent such attacks. Recently, some new approaches have been proposed to construct call-preceded-ROP attacks to bypass coarse-grained CFI; however, we find that they still fail to bypass shadow …
Integer-Overflow-to-Buffer-Overflow (IO2BO) vulnerabilities can be exploited by attackers to cause severe damage to computer systems. In this paper, we present the design and implementation of IntTracker, an efficient dynamic tracking technique for detecting IO2BO vulnerabilities in C/C++ programs. IntTracker utilizes a static taint analysis to …
Concolic testing is a popular method based on symbolic execution and constraint solving, designed for security testing of applications. Unfortunately, the current effectiveness of concolic testing tools is limited when testing large applications, due to the enormous number of control paths and a limited budget. In this paper, we introduce selective symbolic …
Integer overflow (IO) vulnerabilities can be exploited by attackers to compromise computer systems. In the meantime, IOs can be used intentionally by programmers for benign purposes such as hashing and random number generation. Hence, differentiating exploitable and harmful IOs from intentional and benign ones is an important challenge. It allows …
Integer signedness errors can be exploited by attackers to cause severe damage to computer systems. Despite the significant advances in automating the detection of integer signedness errors, accurately differentiating exploitable and harmful signedness errors from unharmful ones still remains an open problem. In this paper, we present the design and …