The tool is named “Cooper” – a reference to the “cooperative mutation” technique employed by the tool.
In his talk and a paper [PDF] describing Cooper, Xu and his collaborators claim that binding code “is prone to inconsistent semantics and security flaws, which lead to severe vulnerabilities.”
Xu said Cooper can find such flaws because the cooperative mutation technique he uses “simultaneously modifies script code and related document objects to explore various code paths of binding code.” This approach contrasts with other defensive techniques, which only check for flaws in the scripts themselves.
As explained on the tool's GitHub page, Cooper has three components:
- Object grouping: First, Cooper parses the given example documents to extract the native objects. To reduce the object search space, Cooper categorizes objects into different classes based on their attributes.
- Relationship inference: Then, Cooper produces a large number of documents by combining different object classes and API groups, and records the execution results of the embedded scripts. Based on the script execution success rate and object class distribution, Cooper infers the relationships between API groups and object classes.
- Relationship-driven mutation: Finally, Cooper exploits the inferred relationships to guide object selection, script generation, and object mutation.
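The three stages above, as an added toy model that is not Cooper's own code: native objects are constructed dicts, "scripts" are string templates, and the binding layer is a hypothetical stand-in that succeeds only when an object carries the attributes an API group needs. The point it shows is why stage 2 matters: unguided pairing of API groups with objects mostly produces scripts that fail before reaching any interesting binding-code path, while relationship-guided mutation keeps every generated case on a path that executes. The class-distribution weighting the README mentions is omitted; only the success rate decides.

```python
"""Toy model of Cooper's three stages on a constructed PDF-like object model.

Stage 1 (object grouping) keys each native object by its attribute set.
Stage 2 (relationship inference) runs every API group against every class
and keeps the pairs whose scripts succeed often enough.
Stage 3 (relationship-driven mutation) pairs an API group only with objects
from a related class, then mutates attribute values, not the attribute set.
The binding layer is a hypothetical stand-in, not a real PDF reader.
"""
from collections import defaultdict
import random

# Constructed sample documents: each is a list of native objects (dicts).
SAMPLE_DOCS = [
    [{"type": "Field", "name": "f1", "value": "a"},
     {"type": "Annot", "rect": [0, 0, 10, 10], "page": 0}],
    [{"type": "Field", "name": "f2", "value": "b"},
     {"type": "Annot", "rect": [5, 5, 20, 20], "page": 1},
     {"type": "Page", "index": 0}],
]

# Constructed API groups: script templates; {obj} is the object's name.
API_GROUPS = {
    "field_api": ["setValue({obj}, 'x')", "getValue({obj})"],
    "annot_api": ["setRect({obj}, 0, 0, 5, 5)"],
    "page_api": ["getPageBox({obj})"],
}

# Hypothetical binding layer: each API group needs certain attributes and the
# script errors out otherwise. The inference stage must learn this by running it.
_NEEDS = {"field_api": {"name", "value"}, "annot_api": {"rect"}, "page_api": {"index"}}


def toy_binding_execute(api_group, obj):
    """True if the script for api_group runs to completion on obj."""
    return _NEEDS[api_group] <= set(obj)


def extract_objects(docs):
    """Parse the example documents into their native objects."""
    return [obj for doc in docs for obj in doc]


def group_objects(objects):
    """Stage 1: one class per distinct attribute set."""
    classes = defaultdict(list)
    for obj in objects:
        classes[tuple(sorted(obj))].append(obj)
    return dict(classes)


def infer_relationships(classes, api_groups, execute, threshold=0.5):
    """Stage 2: relate an API group to a class when its success rate is high enough."""
    related = defaultdict(list)
    for group, scripts in api_groups.items():
        for key, objs in classes.items():
            runs = [execute(group, obj) for obj in objs for _ in scripts]
            if sum(runs) / len(runs) >= threshold:
                related[group].append(key)
    return dict(related)


def mutate_object(obj, rng):
    """Stage 3 helper: perturb one attribute's value but keep the attribute set."""
    mutated = dict(obj)
    key = rng.choice(sorted(mutated))
    v = mutated[key]
    if isinstance(v, str):
        mutated[key] = v * 64                              # oversized string
    elif isinstance(v, int):
        mutated[key] = rng.choice([-1, 0, 2 ** 31 - 1])    # boundary integers
    elif isinstance(v, list):
        mutated[key] = v + [rng.choice([-1, 10 ** 9])]     # malformed array
    return mutated


def generate_cases(classes, related, api_groups, seed=0, per_group=4):
    """Stage 3: relationship-guided object selection, script generation, mutation."""
    rng = random.Random(seed)
    cases = []
    for group, keys in related.items():
        for _ in range(per_group):
            obj = rng.choice(classes[rng.choice(keys)])
            script = rng.choice(api_groups[group]).format(obj=obj.get("name", "obj"))
            cases.append((group, script, mutate_object(obj, rng)))
    return cases


def unguided_hit_rate(classes, api_groups, execute):
    """Baseline: pair every API group with every object; share of runs that execute."""
    runs = [execute(g, o) for g in api_groups for objs in classes.values() for o in objs]
    return sum(runs) / len(runs)


if __name__ == "__main__":
    classes = group_objects(extract_objects(SAMPLE_DOCS))
    related = infer_relationships(classes, API_GROUPS, toy_binding_execute)
    print("unguided hit rate:", unguided_hit_rate(classes, API_GROUPS, toy_binding_execute))
    for group, script, obj in generate_cases(classes, related, API_GROUPS):
        print(group, script, obj)
```

With this sample, unguided pairing executes only a third of the time, whereas every guided case still reaches the binding code with a mutated value, which is the effect cooperative mutation is after.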
Cooper is therefore in some ways an elaborate fuzzing tool: the inferred relationships guide the search for the conditions under which scripts, the application, and the binding layer between them produce undesirable or dangerous behavior.
The tool itself is a set of Python scripts, available from the project's GitHub page.
The project was created by Xu Peng and Professor Purui Su, both of the Chinese Academy of Sciences, security researcher Yanhao Wang of the QI-ANXIN Institute of Technological Research, and Hong Hu, an assistant professor at Pennsylvania State University. ®