Attack surface analysis and code coverage improvement for fuzzing
As cybercrime has become a worldwide threat over the past decades, research on cybersecurity continues to attract a great deal of attention. In the long-running competition between attackers and defenders, vulnerability detection has been regarded as the decisive first step for both sides. Among the many...
Main Author: | Peng, Lunan |
---|---|
Other Authors: | Liu Yang |
Format: | Thesis |
Language: | English |
Published: | 2019 |
Subjects: | Science::Mathematics |
Online Access: | https://hdl.handle.net/10356/105642 http://hdl.handle.net/10220/50270 |
Field | Value |
---|---|
author | Peng, Lunan |
author2 | Liu Yang |
collection | NTU |
description | As cybercrime has become a worldwide threat over the past decades, research on cybersecurity continues to attract a great deal of attention. In the long-running competition between attackers and defenders, vulnerability detection has been regarded as the decisive first step for both sides. Among the many methodologies for vulnerability detection, fuzz testing has demonstrated outstanding performance at finding bugs automatically and effectively.
A fuzzer repeatedly feeds generation-based or mutation-based samples to the target program to expose its misbehavior. Even though many techniques have been proposed to further improve the efficiency of fuzzing, two aspects still hold enduring appeal for researchers: attack surface analysis, which helps fuzzers concentrate effort on the locations most likely to be vulnerable, and code coverage improvement, which guides fuzzers to explore more code regions.
In this thesis, we present attack surface analysis and code coverage improvement for fuzzing. In the first work, we choose the Linux kernel as the target and categorize its source files into components according to their functionality. We then collect all related Common Vulnerabilities and Exposures (CVE) entries and analyze their distribution to rate the vulnerability level of each component. In the second work, we use rarely-hit edges as the metric to guide multi-round generation-based fuzzing of the Document Object Model (DOM) implementation of the Chromium browser. We use the default template to generate a large number of samples in the first fuzzing round, count how many times each covered edge is hit, and select the samples that cover any rarely-hit edge as templates for the second fuzzing round. The approach achieved a clear improvement in the code coverage of newly generated samples compared with the default template. |
format | Thesis |
id | ntu-10356/105642 |
institution | Nanyang Technological University |
language | English |
publishDate | 2019 |
contributors | Peng, Lunan; Liu Yang; Wu Hongjun |
school | School of Physical and Mathematical Sciences |
degree | Master of Science |
record dates | 2019-10-29T06:25:54Z; 2019-12-06T21:55:09Z; last modified 2023-02-28T23:39:31Z |
citation | Peng, L. (2019). Attack surface analysis and code coverage improvement for fuzzing. Master's thesis, Nanyang Technological University, Singapore. https://hdl.handle.net/10356/105642 http://hdl.handle.net/10220/50270 |
doi | 10.32657/10356/105642 |
extent | 79 p., application/pdf |
title | Attack surface analysis and code coverage improvement for fuzzing |
topic | Science::Mathematics |
url | https://hdl.handle.net/10356/105642 http://hdl.handle.net/10220/50270 |
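The first work in the description categorizes kernel source files into components and analyzes how CVEs are distributed over them. What follows is an added example written for this page, not the thesis's own code or data: it assumes a component taxonomy keyed by directory prefix (longest matching prefix wins), a constructed file inventory standing in for the output of `git ls-files`, and placeholder CVE records whose identifiers and affected-file lists are made up. Beyond raw counts it also reports CVEs per file, a normalization the abstract does not mention; without it, a large component such as drivers dominates on count alone.

```python
"""Per-component CVE distribution for a kernel source tree.

Added example, not the thesis's code or data. The component taxonomy, the
file inventory and the CVE records below are constructed; the CVE-0000-*
identifiers are placeholders, not real CVEs.
"""
from collections import Counter
from typing import Dict, Iterable, List

# Assumed taxonomy: directory prefix -> component. The longest matching
# prefix wins, so drivers/net/ is classified more specifically than drivers/.
COMPONENTS: Dict[str, str] = {
    "drivers/net/": "drivers:net",
    "drivers/": "drivers:other",
    "fs/": "filesystems",
    "net/": "networking",
    "mm/": "memory management",
    "kernel/": "core kernel",
    "arch/": "architecture",
}

# Constructed stand-in for a `git ls-files` listing of the tree.
KERNEL_FILES: List[str] = [
    "drivers/net/ethernet/a.c", "drivers/net/wireless/b.c",
    "drivers/gpu/c.c", "drivers/usb/d.c", "drivers/scsi/e.c",
    "fs/ext4/f.c", "fs/btrfs/g.c",
    "net/ipv4/h.c", "net/ipv6/i.c",
    "mm/j.c", "kernel/k.c", "arch/x86/l.c", "Makefile",
]

# Constructed CVE records (placeholder IDs): CVE -> files its fix touched.
CVE_RECORDS: Dict[str, List[str]] = {
    "CVE-0000-0001": ["net/ipv4/h.c"],
    "CVE-0000-0002": ["net/ipv4/h.c", "net/ipv6/i.c"],
    "CVE-0000-0003": ["drivers/net/wireless/b.c"],
    "CVE-0000-0004": ["drivers/gpu/c.c"],
    "CVE-0000-0005": ["drivers/usb/d.c", "kernel/k.c"],
    "CVE-0000-0006": ["fs/ext4/f.c"],
}


def component_of(path: str) -> str:
    """Classify a source path by its longest matching directory prefix."""
    best = ""
    for prefix in COMPONENTS:
        if path.startswith(prefix) and len(prefix) > len(best):
            best = prefix
    return COMPONENTS[best] if best else "uncategorized"


def cve_distribution(files: Iterable[str],
                     cves: Dict[str, List[str]]) -> Dict[str, dict]:
    """Per component: file count, CVE count, share of all CVEs, CVEs per file.

    A CVE touching several files of one component counts once for that
    component; a CVE spanning two components counts once in each.
    """
    files_per = Counter(component_of(f) for f in files)
    cves_per: Counter = Counter()
    for affected in cves.values():
        for comp in {component_of(f) for f in affected}:
            cves_per[comp] += 1
    total = len(cves)
    result: Dict[str, dict] = {}
    for comp in set(files_per) | set(cves_per):
        nfiles, ncves = files_per[comp], cves_per[comp]
        result[comp] = {
            "files": nfiles,
            "cves": ncves,
            "share": ncves / total if total else 0.0,
            # None when the inventory has no file for the component, e.g. the
            # affected file was removed from the tree after the fix.
            "density": ncves / nfiles if nfiles else None,
        }
    return result


def rank_components(dist: Dict[str, dict]) -> List[str]:
    """Most vulnerable first: CVEs per file, then CVE count, then name.

    Components without a density (no inventoried files) are ordered by
    CVE count among the zero-density entries.
    """
    return sorted(dist, key=lambda c: (-(dist[c]["density"] or 0.0),
                                       -dist[c]["cves"], c))


if __name__ == "__main__":
    dist = cve_distribution(KERNEL_FILES, CVE_RECORDS)
    for comp in rank_components(dist):
        print(f"{comp:18s} {dist[comp]}")
```

On real data the file inventory comes from the kernel tree at the release being studied and the affected files from the fixing commits referenced by each CVE; the prefix table is the part that encodes the analyst's choice of component granularity.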
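The second work's selection rule (count, over the first-round samples, how often each edge is hit, then keep the samples that cover rarely-hit edges as templates for the next round) as an added example in Python; this is not the thesis's code. It assumes that per-sample edge coverage is already available as sets of edge identifiers, for instance exported from a coverage-instrumented build of the target, so the sample names and edge IDs below are constructed. The quantile-based rarity cutoff and the deduplication of templates that cover the same rare edges are this example's own choices, not something the abstract describes.

```python
"""Rare-edge template selection for a second round of generation-based fuzzing.

Added example, not the thesis's own code. Round-one coverage, sample names
and edge identifiers are constructed for illustration.
"""
import math
from collections import Counter
from typing import Dict, List, Set, Tuple

# Constructed round-1 results: sample -> edges it executed. Edge IDs stand
# in for (source basic block, destination basic block) pairs.
ROUND1_COVERAGE: Dict[str, Set[str]] = {
    "sample_000": {"e1", "e2", "e3"},
    "sample_001": {"e1", "e2", "e3", "e4"},
    "sample_002": {"e1", "e2", "e5"},
    "sample_003": {"e1", "e2", "e3", "e4"},
    "sample_004": {"e1", "e2", "e3", "e6", "e7"},
    "sample_005": {"e1", "e2", "e5"},
    "sample_006": {"e1", "e2", "e3"},
    "sample_007": {"e1", "e2", "e3", "e8"},
}

# Constructed round-2 results, generated from the selected templates.
ROUND2_COVERAGE: Dict[str, Set[str]] = {
    "sample_100": {"e1", "e2", "e6", "e7", "e9"},
    "sample_101": {"e1", "e2", "e4", "e10"},
}


def edge_hit_counts(coverage: Dict[str, Set[str]]) -> Counter:
    """Number of samples that hit each edge (a sample counts once per edge)."""
    counts: Counter = Counter()
    for edges in coverage.values():
        counts.update(edges)
    return counts


def quantile_threshold(counts: Counter, q: float) -> int:
    """Hit count at the q-quantile of all edges; edges at or below it are rare.

    Deriving the cutoff from the distribution rather than fixing a number
    keeps 'rare' meaningful as the number of generated samples grows.
    """
    ordered = sorted(counts.values())
    if not ordered:
        return 0
    idx = max(0, math.ceil(q * len(ordered)) - 1)
    return ordered[idx]


def rare_edges(counts: Counter, threshold: int) -> Set[str]:
    """Edges hit by at most `threshold` samples."""
    return {edge for edge, n in counts.items() if n <= threshold}


def select_templates(coverage: Dict[str, Set[str]],
                     threshold: int) -> List[Tuple[str, Tuple[str, ...]]]:
    """Samples that cover at least one rare edge, as (name, rare edges hit).

    Only one sample is kept per distinct set of rare edges, so the next round
    does not spend its budget on templates that reach the same code.
    Templates covering more rare edges come first.
    """
    rare = rare_edges(edge_hit_counts(coverage), threshold)
    chosen: Dict[Tuple[str, ...], str] = {}
    for name in sorted(coverage):
        hit = tuple(sorted(coverage[name] & rare))
        if hit and hit not in chosen:
            chosen[hit] = name
    return sorted(((name, hit) for hit, name in chosen.items()),
                  key=lambda t: (-len(t[1]), t[0]))


def new_edges(previous: Dict[str, Set[str]],
              current: Dict[str, Set[str]]) -> Set[str]:
    """Edges reached in `current` that no sample in `previous` covered."""
    seen = set().union(*previous.values())
    now = set().union(*current.values())
    return now - seen


if __name__ == "__main__":
    counts = edge_hit_counts(ROUND1_COVERAGE)
    cutoff = quantile_threshold(counts, 0.5)
    for name, hit in select_templates(ROUND1_COVERAGE, cutoff):
        print(f"template {name}: rare edges {hit}")
    print("edges new in round 2:", sorted(new_edges(ROUND1_COVERAGE, ROUND2_COVERAGE)))
```

The same loop is repeated for further rounds by feeding each round's coverage back into `select_templates`; `new_edges` is the per-round check that the selected templates are actually widening coverage rather than re-hitting what round one already reached.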