Skip to content

sslab-gatech/desensitization

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DESENSITIZATION: A privacy-aware and attack-preserving crash-reporting framework

Paper

Overview

DESENSITIZATION aims to generate privacy-aware and attack-preserving crash reports from crashed executions. It adopts lightweight methods for practicality to extract bug-related and attack-related data from the memory, and removes other data to protect users’ privacy. Besides, it also offers the benefits of bandwidth saving as procssed crash reports are stored as sparse files. The framework is extensible, and is independent of the target programs. It supports both the format of both coredumps and minidumps.

Contents

  • Code base:

    • desen-src/elftools | desen-src/pwnlib: parsing coredumps
    • desen-src/minidump: parsing minidumps
  • Crashes:

    • All the evaluated crashes are shared through the link due to size limit (~34G compressed, ~1.7T decompressed).
    • desen-crashes/[benchmark]/: benign/malicious crashes used to evaluate, including those from ffmpeg, php, chakra, firefox and tachikoma. Please refer to the paper for more details.

Run for testing

# setup
$ export PATH=[pn_to_repo]/bin:$PATH

# run
$ desen -m [crash_format] -p [pn_to_crash]

-m: {core,mini}
-p: path to the processing crash
-h: help message

Contacts