Uninformed: Informative Information for the Uninformed

Vol 9» 2008.Jan


This paper has introduced the general concept of exploitation properties and described how they can be used to better understand the exploitability of a system. The purpose of an exploitation property is to help convey the ease with which a vulnerability might be exploited if one is found to be present. Exploitation properties can be broken down into different categories based on the configuration or context that a given property is associated with. These categories include operating platforms, running processes, binary modules, and functions.

Exploitation properties can be used to provide an alternative understanding of an application's attack surface from the perspective of which areas would be most trivially exploited. This can allow an attacker to focus on finding security issues in code that would be more easily exploited. Likewise, a defender can draw the same conclusions and direct their own resources toward reviewing the associated code. It may also be possible to use this information to augment existing mitigations or to come up with new mitigations. A contrived example based on the form of the ANI vulnerability was used to illustrate an automated approach to extracting exploitation properties and using them to help identify a constrained subset of regions of code that meet specific criteria. Future research will attempt to better define the extent of exploitation properties and their uses.