Cyber attacks have been one of the major threats to the security and privacy of billions of Internet users. At the core of these attacks, software exploits provide malicious actors with initial access to the victim systems and are thus an important part of the attacks. However, although exploits are important and known exploits are abundant, they are understudied. This work aims to fill that gap: it studies known exploits and derives new knowledge from them in order to give security researchers more insight for developing defenses against software exploits.
This dissertation proposes Exploit Generalization, a procedure to analyze the exploitation techniques used in known exploits, extract the hidden knowledge in them, and derive new techniques. In particular, it hypothesizes that technique-dominating factors exist behind exploitation techniques, and that finding new approaches to tamper with the dominating factors is essentially finding new exploitation techniques.
This dissertation also discusses three research studies following this line of work to showcase the feasibility of Exploit Generalization. These studies span from the kernel space to the user space, showing the generality of Exploit Generalization. In each of the three studies, the authors identified the research target's technique-dominating factors and derived new exploitation techniques by finding new approaches to tamper with those factors.