Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries
| dc.contributor.author | He, Ningyu | en |
| dc.contributor.author | Zhao, Zhehao | en |
| dc.contributor.author | Wang, Jikai | en |
| dc.contributor.author | Hu, Yubin | en |
| dc.contributor.author | Guo, Shengjian | en |
| dc.contributor.author | Wang, Haoyu | en |
| dc.contributor.author | Liang, Guangtai | en |
| dc.contributor.author | Li, Ding | en |
| dc.contributor.author | Chen, Xiangqun | en |
| dc.contributor.author | Guo, Yao | en |
| dc.date.accessioned | 2023-08-02T17:46:13Z | en |
| dc.date.available | 2023-08-02T17:46:13Z | en |
| dc.date.issued | 2023-07-12 | en |
| dc.date.updated | 2023-08-01T07:58:02Z | en |
| dc.description.abstract | Although existing techniques have proposed automated approaches to alleviate the path explosion problem of symbolic execution, users still need to optimize symbolic execution by applying various searching strategies carefully. As existing approaches mainly support only coarse-grained global searching strategies, they cannot efficiently traverse through complex code structures. In this paper, we propose Eunomia, a symbolic execution technique that supports fine-grained search with local domain knowledge. Eunomia uses Aes, a DSL that lets users specify local searching strategies for different parts of the program. Eunomia also isolates the context of variables for different local searching strategies, avoiding conflicts. We implement Eunomia for WebAssembly, which can analyze applications written in various languages. Eunomia is the first symbolic execution engine that supports the full features of WebAssembly. We evaluate Eunomia with a microbenchmark suite and six real-world applications. Our evaluation shows that Eunomia improves bug detection by up to three orders of magnitude. We also conduct a user study that shows the benefits of using Aes. Moreover, Eunomia verifies six known bugs and detects two new zero-day bugs in Collections-C. | en |
| dc.description.version | Published version | en |
| dc.format.mimetype | application/pdf | en |
| dc.identifier.doi | https://doi.org/10.1145/3597926.3598064 | en |
| dc.identifier.uri | http://hdl.handle.net/10919/115961 | en |
| dc.language.iso | en | en |
| dc.publisher | ACM | en |
| dc.rights | In Copyright | en |
| dc.rights.holder | The author(s) | en |
| dc.rights.uri | http://rightsstatements.org/vocab/InC/1.0/ | en |
| dc.title | Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries | en |
| dc.type | Article - Refereed | en |
| dc.type.dcmitype | Text | en |