Bugalyze.com - Detecting Bugs Using Decompilation and Data Flow Analysis

Presented at Black Hat USA 2013, Aug. 1, 2013, 5 p.m. (Unknown duration)

Bugwise is a free online web service at www.bugalyze.com to perform static analysis of binary executables to detect software bugs and vulnerabilities. It detects bugs using a combination of decompilation to recover high-level information, and data flow analysis to discover issues such as use-after-frees and double frees. Bugwise has been developed over the past several years and is implemented as a series of modules in a greater system that performs other binary analysis tasks such as malware detection. This entire system consists of more than 100,000 lines of C++ code and a scalable load-balanced multi-node Amazon EC2 cluster. In this talk, I will explain how Bugwise works. The system is still in the development stage but has successfully found a number of real bugs and vulnerabilities in Debian Linux. This includes double free, use-after-free, and over 50 getenv(,strcpy) bugs statically found from scanning the entire Debian repository.
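As an added illustration (not code from the talk or from Bugwise), the following sketch shows the kind of forward data flow pass that can flag double frees and use-after-frees once a decompiler has recovered allocation, copy, free and use operations. The mini-IR, the `analyze` function and the sample sequence are assumptions made for this example; it handles straight-line code only and tracks aliases created by pointer copies.

```cpp
#include <map>
#include <set>
#include <string>
#include <vector>

// Hypothetical mini-IR standing in for decompiler output (not Bugwise's format).
// ptr is the destination for Alloc/Copy and the operand for Free/Use.
enum class Op { Alloc, Copy, Free, Use };
struct Insn { Op op; std::string ptr; std::string src; };
struct Finding { std::string kind; size_t index; };

// Forward pass over straight-line code: each pointer variable maps to the
// allocation it holds, and each allocation is either live or already freed.
std::vector<Finding> analyze(const std::vector<Insn>& code) {
    std::map<std::string, int> points_to;  // variable -> allocation id
    std::set<int> freed;                   // allocation ids already released
    std::vector<Finding> out;
    int next_id = 0;
    for (size_t i = 0; i < code.size(); ++i) {
        const Insn& in = code[i];
        switch (in.op) {
        case Op::Alloc: points_to[in.ptr] = next_id++; break;
        case Op::Copy: {
            auto it = points_to.find(in.src);
            if (it != points_to.end()) points_to[in.ptr] = it->second;  // alias
            else points_to.erase(in.ptr);  // source unknown: forget target
            break;
        }
        case Op::Free:
        case Op::Use: {
            auto it = points_to.find(in.ptr);
            if (it == points_to.end()) break;  // untracked pointer: stay silent
            bool is_free = (in.op == Op::Free);
            if (freed.count(it->second))
                out.push_back({is_free ? "double-free" : "use-after-free", i});
            if (is_free) freed.insert(it->second);
            break;
        }
        }
    }
    return out;
}

// Constructed sample: q aliases p, so use(q) and free(q) after free(p) are
// flagged, while the fresh allocation assigned to p afterwards is not.
std::vector<Insn> sample() {
    return {{Op::Alloc, "p", ""}, {Op::Copy, "q", "p"}, {Op::Free, "p", ""},
            {Op::Use, "q", ""},   {Op::Free, "q", ""},  {Op::Alloc, "p", ""},
            {Op::Use, "p", ""}};
}
```

A real binary analysis has to run this over a control flow graph and merge states at join points, which this straight-line sketch leaves out.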


Presenters:

  • Silvio Cesare - Deakin University
    Silvio Cesare is a PhD student at Deakin University. His research is supported by a full scholarship under a Deakin University Postgraduate Research Award. His research interests include malware detection and automated vulnerability discovery using static analysis of executable binaries. He has previously spoken at industry conferences including Blackhat, Cansecwest, Ruxcon, and has published in academic journals such as IEEE Transactions on Computers. He is also author of the book Software Similarity and Classification, published by Springer. He has worked in industry within Australia, France and the United States. This work includes time as the scanner architect of Qualys - now the world's largest vulnerability assessment company. In 2008 he was awarded $5000 USD tied 3rd prize for the highest impact vulnerability reported to security intelligence company IDefense for an implementation-specific IDS evasion bug in the widely deployed Snort software. He has a Bachelor of Information Technology and a Master of Informatics by research from CQUniversity, where he was awarded two academic prizes during his undergraduate degree, and a University Postgraduate Research Award full scholarship during his Masters degree.
