You’ve fuzzed your favorite application and found a mountain of crashes. Now what? BitBlaze is an open source binary analysis platform that can perform whole-system taint tracing, dynamic symbolic execution, and static analysis. Using BitBlaze, it is possible to determine, at the point of an application crash, which registers and memory locations are tainted by the fuzzed input and in what ways they are used. This taint information gives a level of understanding of what went wrong in the program and why, reducing crash analysis from days to hours and sometimes minutes. In this talk, we present BitBlaze and walk through real-life case studies of its use.
Charlie Miller is currently Principal Analyst at Independent Security Evaluators. He was the first to publish a remote exploit for both the iPhone and the G1 Android phone. He has won the CanSecWest Pwn2Own competition for the last three years. Popular Mechanics listed him as a Top 10 Hacker of 2008, and he is on Channel Web's list of 2010 Security Superstars. He has authored two information security books and holds a PhD from the University of Notre Dame.
Noah Johnson is currently pursuing his Ph.D. in Computer Science at UC Berkeley. As a member of Professor Dawn Song's BitBlaze group, his research includes the investigation and development of automated binary analysis techniques for analyzing malicious code and building effective defenses against malware. More information about BitBlaze is available at http://bitblaze.cs.berkeley.edu.