What are the Actual Flaws in Important Smart Contracts (and How Can We Find Them)?

An important problem in smart contract security is understanding the likelihood and criticality of discovered, or potential, weaknesses in contracts. In this paper we provide a summary of Ethereum smart contract audits performed for 23 professional stakeholders, avoiding the common problem of reporting issues mostly prevalent in low-quality contracts. These audits were performed at a leading company in blockchain security, using both open-source and proprietary tools, as well as human code analysis performed by professional security engineers. We categorize 246 individual defects, making it possible to compare the severity and frequency of different vulnerability types, compare smart contract and non-smart contract flaws, and to estimate the efficacy of automated vulnerability detection approaches

Targeted Greybox Fuzzing with Static Lookahead Analysis

Automatic test generation typically aims to generate inputs that explore new paths in the program under test in order to find bugs. Existing work has, therefore, focused on guiding the exploration toward program parts that are more likely to contain bugs by using an offline static analysis. In this paper, we introduce a novel technique for targeted greybox fuzzing using an online static analysis that guides the fuzzer toward a set of target locations, for instance, located in recently modified parts of the program. This is achieved by first semantically analyzing each program path that is explored by an input in the fuzzer's test suite. The results of this analysis are then used to control the fuzzer's specialized power schedule, which determines how often to fuzz inputs from the test suite. We implemented our technique by extending a state-of-the-art, industrial fuzzer for Ethereum smart contracts and evaluate its effectiveness on 27 real-world benchmarks. Using an online analysis is particularly suitable for the domain of smart contracts since it does not require any code instrumentation---instrumentation to contracts changes their semantics. Our experiments show that targeted fuzzing significantly outperforms standard greybox fuzzing for reaching 83% of the challenging target locations (up to 14x of median speed-up)

Harvey: A Greybox Fuzzer for Smart Contracts

We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation approach that effectively detects bugs and security vulnerabilities. However, greybox fuzzers randomly mutate program inputs to exercise new paths; this makes it challenging to cover code that is guarded by narrow checks, which are satisfied by no more than a few input values. Moreover, most real-world smart contracts transition through many different states during their lifetime, e.g., for every bid in an auction. To explore these states and thereby detect deep vulnerabilities, a greybox fuzzer would need to generate sequences of contract transactions, e.g., by creating bids from multiple users, while at the same time keeping the search space and test suite tractable. In this experience paper, we explain how Harvey alleviates both challenges with two key fuzzing techniques and distill the main lessons learned. First, Harvey extends standard greybox fuzzing with a method for predicting new inputs that are more likely to cover new paths or reveal vulnerabilities in smart contracts. Second, it fuzzes transaction sequences in a targeted and demand-driven way. We have evaluated our approach on 27 real-world contracts. Our experiments show that the underlying techniques significantly increase Harvey's effectiveness in achieving high coverage and detecting vulnerabilities, in most cases orders-of-magnitude faster; they also reveal new insights about contract code.Comment: arXiv admin note: substantial text overlap with arXiv:1807.0787

Analyses de code binaire pour la détection et le déclenchement de use-after-free

Security is becoming a major concern in software development, both for software editors, end-users, and government agencies. A typical problem is vulnerability detection, which consists in finding in a code bugs able to let an attacker gain some unforeseen privileges like reading or writing sensible data, or even hijacking the program execution.This thesis proposes a practical approach to detect a specific kind of vulnerability, called use-after-free, occurring when a heap memory block is accessed after being freed. Such vulnerabilities have lead to numerous exploits (in particular against web browsers), and they are difficult to detect since they may involve several distant events in the code (allocating, freeingand accessing a memory block).The approach proposed consists in two steps. First, a coarse-grain and unsound binary level static analysis, called GUEB, allows to track heap memory blocks operation (allocation, free, and use). This leads to a program slice containing potential use-after-free. Then, a dedicated guided dynamic symbolic execution, developed within the Binsec plateform, is used to retrieve concreteprogram inputs aiming to trigger these use-after-free. This combination happened to be be effective in practice and allowed to detect several unknown vulnerabilities in real-life code. The implementation is available as an open-source tool-chain operating on x86 binary code.La sécurité des systèmes est devenue un élément majeur du développement logicielle, pour les éditeurs, les utilisateurs et les agences gouvernementales. Un problème récurrent est la détection de vulnérabilités, qui consiste à détecter les bugs qui pourraient permettre à un attaquant de gagner des privilèges non prévues, comme la lecture ou l’écriture de donnée sensible, voir même l’exécution de code non autorisé. Cette thèse propose une approche pratique pour la détection d’une vulnérabilité particulière : le use-after-free, qui apparaît quand un élément du tas est utilisé après avoir été libéré. Cette vulnérabilité a été utilisé dans de nombreux exploits, et est, de par sa nature, difficile à détecter. Les problèmes récurrents pour sa détection sont, par exemple, le fait que les éléments déclenchant la vulnérabilité peuvent être répartis à de grande distance dans le code, le besoin de raisonner sur l’allocateur mémoire, ou bien la manipulation de pointeurs. L’approche proposé consiste en deux étapes. Premièrement, une analyse statique, basée sur une analyse légère, mais non sûre, appelé GUEB, permet de traquer les accès mémoire ainsi que l’état des éléments du tas (alloué / libéré / utilisé) . Cette analyse mène à un slice de programme contenant de potentiel use-after-free. La seconde étape vient alors confirmer ou non la présence de vulnérabilité dans ces slices, et est basée sur un moteur d'exécution symbolique guidé, développé dans la plateforme Binsec. Ce moteur permet de générer des entrées du programme réel déclenchant un use-after-free. Cette combinaison s’est montré performante en pratique et a permis de détecter plusieurs use-after-free qui étaient précédemment inconnu dans plusieurs codes réels. L’implémentation des outils est disponible en open-source et fonctionne sur du code x86

Finding the Needle in the Heap: Combining Static Analysis and Dynamic Symbolic Execution to Trigger Use-After-Free

International audienceThis paper presents a fully automated technique to find and trigger Use-After-Free vulnerabilities (UAF) on binary code. The approach combines a static analyzer and a dynamic symbolic execution engine. We also introduce several original heuristics for the dynamic symbolic execution part, speeding up the exploration and making this combination effective in practice. The tool we developed is open-source, and it has successfully been applied on real world vulnerabilities. As an example, we detail a proof-of-concept exploit triggering a previously unknown vulnerability on JasPer leading to the CVE-2015-5221

Toward large-scale vulnerability discovery using machine learning

With sustained growth of software complexity, finding security vulnerabilities in operating systems has become an important necessity. Nowadays, OS are shipped with thousands of binary executables. Unfortunately, methodologies and tools for an OS scale program testing within a limited time budget are still missing. In this paper we present an approach that uses lightweight static and dynamic features to predict if a test case is likely to contain a software vulnerability using machine learning techniques. To show the effectiveness of our approach, we set up a large experiment to detect easily exploitable memory corruptions using 1039 Debian programs obtained from its bug tracker, collected 138,308 unique execution traces and statically explored 76,083 different subsequences of function calls. We managed to predict with reasonable accuracy which programs contained dangerous memory corruptions. We also developed and implemented VDiscover, a tool that uses state-of-the-art Machine Learning techniques to predict vulnerabilities in test cases. Such tool will be released as open-source to encourage the research of vulnerability discovery at a large scale, together with VDiscovery, a public dataset that collects raw analyzed data

Specification of Concretization and Symbolization Policies in Symbolic Execution

International audienceSymbolic Execution (SE) is a popular and profitable approach to automatic code-based software testing. Concretization and symbolization (C/S) is a crucial part of modern SE tools, since it directly impacts the trade-offs between correctness, completeness and efficiency of the approach. Yet, C/S policies have been barely studied. We intend to remedy to this situation and to establish C/S policies on a firm ground. To this end, we propose a clear separation of concerns between C/S specification on one side, through the new rule-based description language CSml, and the algorithmic core of SE on the other side, revisited to take C/S policies into account. This view is implemented on top of an existing SE tool, demonstrating the feasibility and the benefits of the method. This work paves the way for more flexible SE tools with well-documented and reusable C/S policies, as well as for a systematic study of C/S policies

BINSEC/SE: A Dynamic Symbolic Execution Toolkit for Binary-level Analysis

International audienceWhen it comes to software analysis, several approaches exist from heuristic techniques to formal methods, which are helpful at solving different kinds of problems. Unfortunately very few initiative seek to aggregate this techniques in the same platform. BINSEC intend to fulfill this lack of binary analysis platform by allowing to perform modular analysis. This work focusses on BINSEC/SE, the new dynamic symbolic execution engine (DSE) implemented in BINSEC. We will highlight the novelties of the engine, especially in terms of interactions between concrete and symbolic execution or optimization of formula generation. Finally, two reverse engineering applications are shown in order to emphasize the tool effectiveness