Blind Spots: Automatically detecting ignored program inputs. (arXiv:2301.08700v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
A blind spot is any input to a program that can be arbitrarily mutated
without affecting the program's output. Blind spots can be used for
steganography or to embed malware payloads. If blind spots overlap file format
keywords, they indicate parsing bugs that can lead to differentials. This paper
formalizes the operational semantics of blind spots, leading to a technique
that automatically detects blind spots based on dynamic information flow
tracking. An efficient implementation is introduced and evaluated against a …