Practical Methods for Fuzzing Real-World Systems.
Record type:
Bibliographic - language material, manuscript : Monograph/item
Title/Author:
Practical Methods for Fuzzing Real-World Systems.
Author:
Srivastava, Prashast.
Physical description:
1 online resource (146 pages)
Notes:
Source: Dissertations Abstracts International, Volume: 85-01, Section: A.
Contained By:
Dissertations Abstracts International 85-01A.
Subject:
Web studies.
Electronic resource:
click for full text (PQDT)
ISBN:
9798379875756
Thesis (Ph.D.)--Purdue University, 2023.
Includes bibliographical references
The current software ecosystem is exceptionally complex. A key defining feature of this complexity is the vast input space that software applications must process. This feature inhibits fuzzing (an effective automated testing methodology) in uncovering deep bugs (i.e., bugs with complex preconditions). We improve the bug-finding capabilities of fuzzers by reducing the input space that they have to explore. Our techniques incorporate domain knowledge from the software under test. In this dissertation, we research how to incorporate domain knowledge in different scenarios across a variety of software domains and test objectives to perform deep bug discovery. We start by focusing on language interpreters that form the backend of our web ecosystem. Uncovering deep bugs in these interpreters requires synthesizing inputs that perform a diverse set of semantic actions. To tackle this issue, we present Gramatron, a fuzzer that employs grammar automatons to speed up bug discovery. Then, we explore firmwares belonging to the rapidly growing IoT ecosystem which generally lack thorough testing. FirmFuzz infers the appropriate runtime state required to trigger vulnerabilities in these firmwares using the domain knowledge encoded in the user-facing network applications. Additionally, we showcase how our proposed strategy to incorporate domain knowledge is beneficial under alternative testing scenarios where a developer analyzes specific code locations, e.g., for patch testing. SieveFuzz leverages knowledge of targeted code locations to prohibit exploration of code regions and correspondingly parts of the input space that are irrelevant to reaching the target location. Finally, we move beyond the realm of memory-safety vulnerabilities and present how domain knowledge can be useful in uncovering logical bugs, specifically deserialization vulnerabilities in Java-based applications with Crystallizer. Crystallizer uses a hybrid analysis methodology to first infer an over-approximate set of possible payloads through static analysis (to constrain the search space). Then, it uses dynamic analysis to instantiate concrete payloads as a proof-of-concept of a deserialization vulnerability. Throughout these four diverse areas we thoroughly demonstrate how incorporating domain knowledge can massively improve bug finding capabilities. Our research has developed tooling that not only outperforms the existing state-of-the-art in terms of efficient bug discovery (with speeds up to 117% faster), but has also uncovered 18 previously unknown bugs, with five CVEs assigned.
Electronic reproduction. Ann Arbor, Mich. : ProQuest, 2024.
Mode of access: World Wide Web
Subjects--Topical Terms:
Web studies.
Index Terms--Genre/Form:
Electronic books.
MARC record:
LDR 03818ntm a22003617 4500
001 1142650
005 20240422071038.5
006 m o d
007 cr mn ---uuuuu
008 250605s2023 xx obm 000 0 eng d
020 $a 9798379875756
035 $a (MiAaPQ)AAI30540018
035 $a (MiAaPQ)Purdue22693258
035 $a AAI30540018
040 $a MiAaPQ $b eng $c MiAaPQ $d NTU
100 1 $a Srivastava, Prashast. $3 1467053
245 1 0 $a Practical Methods for Fuzzing Real-World Systems.
264 0 $c 2023
300 $a 1 online resource (146 pages)
336 $a text $b txt $2 rdacontent
337 $a computer $b c $2 rdamedia
338 $a online resource $b cr $2 rdacarrier
500 $a Source: Dissertations Abstracts International, Volume: 85-01, Section: A.
500 $a Advisor: Payer, Mathias.
502 $a Thesis (Ph.D.)--Purdue University, 2023.
504 $a Includes bibliographical references
533 $a Electronic reproduction. $b Ann Arbor, Mich. : $c ProQuest, $d 2024
538 $a Mode of access: World Wide Web
650 4 $a Web studies. $3 1148502
650 4 $a Logic. $3 558909
650 4 $a Information technology. $3 559429
650 4 $a Computer science. $3 573171
650 4 $a Payloads. $3 1467054
650 4 $a Semantics. $3 555362
650 4 $a Libraries. $3 933781
650 4 $a Software. $2 gtt $3 574116
650 4 $a Grammar. $3 678098
655 7 $a Electronic books. $2 local $3 554714
690 $a 0984
690 $a 0489
690 $a 0395
690 $a 0646
710 2 $a Purdue University. $3 1184550
710 2 $a ProQuest Information and Learning Co. $3 1178819
773 0 $t Dissertations Abstracts International $g 85-01A.
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=30540018 $z click for full text (PQDT)