/thesis

Primary LanguagePython

Impact factors for severity assessment of bugs discovered via compositional symbolic execution

By Ricardo Nales, supervised by Saahil Ognawala

Task list (30.06.2017)

Task list (22.06.2017)

  • Compile all programs with make+llvm.
    • Check for dependencies, and install them
  • Create callgraphs for all of them.
  • Mark functions that have the vulnerabilities.

Task list (08.06.2017)

  • How to extract callgraphs using LLVM Opt.
  • Get NVD bugs for 15 years ( for the ones that have CVSS3 available )
    • Filter entries by CVSS3 and CVE_probelmtype_data = CWE-119
    • Description must value must have "function" and ".c"
  • For all filtered bugs get program name, version and link
  • Download sources of filtered programs.
  • Google Sheets link to Saahil. Create a tuple for each individual program.

Task list (01.06.2017)

  • Proposal on user interface for assessment tool. (Wireframe only)
  • Look at the complete output of Macke on Kaleidoscope programs. (Don't save in /tmp)
    • Which fields are indicative of attack complexity and why?
  • Look at GNU Bugzilla repositories to learn about known severities.
    • List all required and optional fields in Bugzilla.
    • Which fields are indicative of attack complexity?

Task list (26.05.2017)

Task list (18.05.2017)

  • Read papers for severity assessment
  • Send docker link to thomas and saahil by email (ricardonales/macke:0.6)
  • Run KLEE on all Kaleidoscope programs
  • Install macke from tum-i22 github page
  • Run all kaleidoscope programs with Macke
    • Play around with all options
    • Run with multiple time limits (per function)
    • Look at the outputs, and compare to KLEE outputs

Task list (15.05.2017)