| Popis: |
Vulnerability discovery and exploiting are critical to software security. Emerging intelligent vulnerability discovery solutions usually require a large number of training data. Studying exploits also requires a set of existing exploit samples. As a result, building a dataset for vulnerability and exploit research is necessary. In this paper, we present CBTracer, able to catch real-time I/O traffic of target applications and monitor their runtime executions, to build an evolving dataset for kinds of security analysis, including vulnerability discovery and exploit generation. CBTracer is a lightweight framework designed to be deployed easily in various CTF competitions by different organizers to build a bigger dataset. We used CBTracer to collect data from CGC challenges and deployed it in several real-world CTF challenges, showing that it could efficiently collects security-related data. |
