Input Generation via Taintdata Identification: Finding Hidden Path in the Environment-Intensive Program

Concolic testing is an integrated approach of symbolic execution and dynamic analysis, which is widely adopted by security researchers for program behavior analysis. This approach fails on hidden path discovery of environment-intensive program. We investigated on existing concolic testing tools and found out that several of them does not take this issue into account while others solved this issue with overloaded working model. We proposed a systematic and unified approach of automatically identifying and modifying the output of the Data input interacting functions (DIIF) based on fine-grained taint analysis, which detects and updates the data interacting with the runtime environment and generating a new customized set of inputs to execute hidden paths, to reveal the hidden paths on only particular runtime configuration or context. A prototype was developed and evaluated with a set of complex and environment-intensive programs. The experimental result demonstrated that our approach could detect the DIIF precisely and improve the code coverage.