CoLaFUZE: Coverage-Guided and Layout-Aware Fuzzing for Android Drivers
2021
IEICE transactions on information and systems
We present CoLaFUZE, a coverage-guided and layout-aware fuzzing tool for automatically generating valid inputs and exploring the driver code. ...
CoLaFUZE leverages dynamic analysis and symbolic execution to recover the driver interfaces and generates valid inputs for the interfaces. ...
To show the effectiveness of the proposed interface recovery method, we compare the recovery result of CoLaFUZE against the result of DIFUZE, an interface-aware kernel fuzzing tool. ...
doi:10.1587/transinf.2021ngp0005
fatcat:lzvdg2zvljhurmfxot3sdqcj6q
Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing
2019
Workshop on Offensive Technologies
This is especially true for code that cannot run as part of a userland process on desktop operating systems, for example device drivers and kernel components. ...
Emulator-based fuzzing of kernel code is not very complex to set up and can even be used to fuzz operating systems and devices for which no source code is available. ...
Acknowledgments The authors wish to thank Vincent Ulitzsch, Fabian Freyer and Marius Muench for valuable input. ...
dblp:conf/woot/MaierRH19
fatcat:7w3iot2qfzhkxhwtwnzu5bqdx4
USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation
2020
USENIX Security Symposium
This interface exposes the OS kernels and device drivers to attacks by malicious devices. ...
We present USBFuzz, a portable, flexible, and modular framework for fuzz testing USB drivers. ...
Acknowledgments We thank our shepherd and the anonymous reviewers for their insightful comments. ...
dblp:conf/uss/PengP20
fatcat:lhbie4js5ja53g3k23vhvp63sa
Fuzzing Error Handling Code in Device Drivers Based on Software Fault Injection
2019
2019 IEEE 30th International Symposium on Software Reliability Engineering (ISSRE)
During driver execution, by analyzing runtime information, it automatically fuzzes error-site sequences for fault injection to improve code coverage. ...
Device drivers remain a main source of runtime failures in operating systems. To detect bugs in device drivers, fuzzing has been commonly used in practice. ...
ACKNOWLEDGMENT We would like to thank the Linux driver developers who gave helpful feedback on our bug reports. ...
doi:10.1109/issre.2019.00022
dblp:conf/issre/JiangBL019
fatcat:xhnjoxocmvaxdjbvtxaefi24iq
FuzzGen: Automatic Fuzzer Generation
2020
USENIX Security Symposium
FuzzGen leverages a whole system analysis to infer the library's interface and synthesizes fuzzers specifically for that library. ...
Fuzzing is a testing technique to discover unknown vulnerabilities in software. ...
Acknowledgments We thank our shepherd Tuba Yavuz and the anonymous reviewers for their insightful comments. ...
dblp:conf/uss/IspoglouAMP20
fatcat:aohpeyduyjhmlbv4occ22y6zay
Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing
2019
International Symposium on Recent Advances in Intrusion Detection
Coverage-guided greybox fuzzing has become one of the most common techniques for finding software bugs. ...
dataset as a previous approach (Driller) that combines fuzzing and concolic execution. ...
DIFUZE [10] uses a specific interface recovered from statically analyzing kernel driver code to generate correctly-structured input for fuzzing kernel drivers. ...
dblp:conf/raid/WangDSYS19
fatcat:qq2327th65b5hcfbdfut6z4zpy
Krace: Data Race Fuzzing for Kernel File Systems
2020
2020 IEEE Symposium on Security and Privacy (SP)
and happens-before modeling for kernel synchronization primitives for precise data race detection. ...
progress in the concurrency dimension; 2) an evolution algorithm for generating, mutating, and merging multithreaded syscall sequences as inputs for concurrency fuzzing; and 3) a comprehensive lockset ...
For example, MoonShine [25] captures dependencies between syscalls and DIFUZE [26] generates interface-aware inputs. ...
doi:10.1109/sp40000.2020.00078
dblp:conf/sp/XuKZK20
fatcat:peuriktijjbn7mzyfxyrgyfyu4
PASAN: Detecting Peripheral Access Concurrency Bugs within Bare-Metal Embedded Applications
2021
USENIX Security Symposium
In this paper, we propose a static analysis tool named PASAN to detect peripheral access concurrency issues for embedded systems. ...
PASAN automatically finds the MMIO address range of each peripheral device using the parser-ready memory layout documents, extracts the peripheral's internal state machines using the corresponding device drivers ...
Acknowledgment We thank the anonymous reviewers for their valuable comments. This work was supported in part by ONR under Grants N00014-20-1-2128 and N00014-17-1-2045. ...
dblp:conf/uss/KimKRCKKXT21
fatcat:gu3v5p3fsjc3fd7ajj4jsac6lu
SmartSeed: Smart Seed Generation for Efficient Fuzzing
[article]
2019
arXiv
pre-print
As shown in existing literature, the seed file selection is crucial for the efficiency of fuzzing. ...
Second, it can generate seeds with multiple kinds of input formats and significantly improves the fuzzing performance for most applications with the same input format. ...
As for kernel vulnerabilities, Corina et al. presented an interface-aware fuzzing tool named DIFUZE to automatically generate inputs for kernel drivers [36]. ...
arXiv:1807.02606v3
fatcat:o3pjje523bejhhkozcbjrcdrku
PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
2019
Proceedings 2019 Network and Distributed System Security Symposium
unpublished
The OS kernel is an attractive target for remote attackers. ...
Ongoing kernel protection efforts have focused primarily on securing this boundary; several capable analysis and fuzzing frameworks have been developed for this purpose. ...
ACKNOWLEDGMENT The authors would like to thank the anonymous reviewers for their valuable feedback. The authors also thank Paul Kirth and Joseph Nash for their help with proofreading this paper. ...
doi:10.14722/ndss.2019.23176
fatcat:2etqtt3pmrdptn76ylqa2eu3mu
Karonte: Detecting Insecure Multi-binary Interactions in Embedded Firmware
2020
2020 IEEE Symposium on Security and Privacy (SP)
Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright notation thereon. ...
ACKNOWLEDGEMENTS We would like to thank our reviewers for their valuable comments and inputs to improve our paper. We also thank Ph.D. Sajjad Arshad and Prof. ...
DIFUZE [10] uses the interface information extracted using static analysis for fuzzing mobile kernel drivers. ...
doi:10.1109/sp40000.2020.00036
dblp:conf/sp/RediniM0SCSKV20
fatcat:5e7tovoefjalndgcdtmrmavmty
INFERENCE OF RESIDUAL ATTACK SURFACE UNDER MITIGATIONS
2019
We propose FuzzGen, a tool for automatically generating fuzzer stubs for libraries. The synthesized fuzzers are target specific, thus resulting in high code coverage. ...
These phases include the discovery of a vulnerability in the system, its exploitation, and achieving persistence on the compromised system for (potential) further compromise and future access. ...
DIFUZE [64] was the first approach for interface-aware fuzzing of kernel drivers. ...
doi:10.25394/pgs.8041202
fatcat:smkcsjll5bf6xfl47xonzm4yza
Recording-based Analysis of Locks in Operating Systems (Aufzeichnungsbasierte Analyse von Sperren in Betriebssystemen)
2022
DIFUZE: Interface aware fuzzing for kernel drivers. In Proceedings of the ACM SIGSAC Conference on Com- ... Guancheng Chen and Per Stenstrom. ...
Improving Linux-kernel tests for LockDoc with feedback-driven fuzzing. In Tagungsband des FG-BS Herbsttreffens, Bonn. Gesellschaft für Informatik e.V. doi: . / fgbs h-. ...
doi:10.17877/de290r-22500
fatcat:hi7torg76nbldltvgv3rooqzzq