Abstract:
In recent years, the number of software vulnerabilities has increased sharply and its harmfulness has aroused widespread concern in society. Compiling vulnerability utilization code accurately, efficiently and quickly is the key to vulnerability damage assessment and vulnerability repairment. At present, the vulnerability exploitation code mainly relies on manual analysis and writing, which is inefficient. Therefore, how to realize automatic vulnerability exploitation code generation (AEG) is a hotspot and difficulty in software security research field. In this paper, we analyze the representative achievements in this field in recent 30 years. Firstly, we divide the vulnerability automatic utilization process into four typical segments: vulnerability root location, reachable path search, vulnerability primitive generation and utilization code generation. After that we sort out and select the typical work of the above achievements from the three perspectives of human-machine boundary, attack and defense game, and common basic technology. And on this basis, we define the key points, difficulties and phased achievements of the current research. Finally, from the gap between the existing achievements and the practical application of automatic exploit generation, we discuss the bottleneck problems existing in the current research, the future development trend of AEG, and the next research points we should focus on.