1. Background
1.1 Conference background
NDSS (The Network and Distributed System Security Symposium) is, together with CCS, USENIX Security and IEEE S&P, one of the four top-tier conferences in computer systems security. NDSS fosters information exchange among researchers and practitioners of network and distributed system security. Its target audience includes those interested in the practical aspects of network and distributed system security, with an emphasis on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
NDSS 2020 was held from February 23 to 26, 2020 at the Catamaran Resort Hotel and Spa in San Diego, California. On the topic of fuzzing, the conference accepted four papers:
1. HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
2. HFL: Hybrid Fuzzing on the Linux Kernel
3. HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
4. Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
1.2 Author information
This paper was written by six authors: Kyungtae Kim, Dae R. Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin and Byoungyoung Lee. The first author, Kyungtae Kim, is from Purdue University; his main research interests are system and software security, program analysis, and deep learning security.

Figure: author information
1.3 Paper abstract
Abstract—Hybrid fuzzing, combining symbolic execution and fuzzing, is a promising approach for vulnerability discovery because each approach can complement the other. However, we observe that applying hybrid fuzzing to kernel testing is challenging because the following unique characteristics of the kernel make a naive adoption of hybrid fuzzing inefficient: 1) having indirect control transfers determined by system call arguments, 2) controlling and matching internal system state via system calls, and 3) inferring nested argument type for invoking system calls. Failure to handle such challenges will render both fuzzing and symbolic execution inefficient, and thereby, will result in an inefficient hybrid fuzzing. Although these challenges are essential to both fuzzing and symbolic execution, to the best of our knowledge, existing ker
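The three kernel characteristics named in the abstract are easier to see in a small model than in real kernel code. The following is an added example written for this summary; it is not code from the HFL paper or from the Linux kernel. It is a constructed user-space toy of an ioctl-style driver: the handler is picked through a function-pointer table indexed by the syscall argument (indirect control transfer), the handlers only succeed in the order open, configure, start (internal state matched via syscalls), and the configure command takes a struct holding a pointer to a second struct whose field is constrained (nested argument type). All names (`toy_ioctl`, `replay`, `CMD_*`, the `demo_*` sequences) are invented for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy driver (added example, not HFL or kernel code). */
enum dev_state { ST_CLOSED = 0, ST_OPEN, ST_CONFIGURED, ST_RUNNING };

/* Nested argument: the outer struct carries a pointer to an inner struct,
 * so the interesting constraint sits one pointer dereference deep. */
struct inner_cfg { uint32_t rate; uint32_t channels; };
struct outer_cfg { uint32_t flags; struct inner_cfg *cfg; };

struct dev { enum dev_state state; uint32_t rate; };

#define CMD_OPEN   0u
#define CMD_CONFIG 1u
#define CMD_START  2u
#define CMD_MAX    3u

typedef int (*ioctl_handler)(struct dev *, const void *);

static int h_open(struct dev *d, const void *arg) {
    (void)arg;
    if (d->state != ST_CLOSED) return -1;        /* state constraint */
    d->state = ST_OPEN;
    return 0;
}

static int h_config(struct dev *d, const void *arg) {
    const struct outer_cfg *o = arg;
    if (d->state != ST_OPEN) return -1;          /* must follow CMD_OPEN */
    if (o == NULL || o->cfg == NULL) return -1;  /* nested pointer must be valid */
    if (o->cfg->channels != 2) return -1;        /* constraint hidden in inner struct */
    d->rate = o->cfg->rate;
    d->state = ST_CONFIGURED;
    return 0;
}

static int h_start(struct dev *d, const void *arg) {
    (void)arg;
    if (d->state != ST_CONFIGURED) return -1;    /* must follow CMD_CONFIG */
    d->state = ST_RUNNING;
    return 0;
}

/* Indirect control transfer: the call target is chosen by the argument
 * through this table, not by a visible branch on `cmd`. */
static const ioctl_handler handlers[CMD_MAX] = { h_open, h_config, h_start };

int toy_ioctl(struct dev *d, unsigned cmd, const void *arg) {
    if (cmd >= CMD_MAX) return -1;
    return handlers[cmd](d, arg);
}

struct call { unsigned cmd; const void *arg; };

/* Replay a sequence of simulated syscalls on a fresh device; return the
 * final state, which tells how deep into the driver the sequence got. */
enum dev_state replay(const struct call *seq, size_t n) {
    struct dev d;
    memset(&d, 0, sizeof d);
    for (size_t i = 0; i < n; i++) toy_ioctl(&d, seq[i].cmd, seq[i].arg);
    return d.state;
}

/* Well-formed sequence: right order and right nested argument. */
enum dev_state demo_good(void) {
    struct inner_cfg in = { 48000, 2 };
    struct outer_cfg out = { 0, &in };
    struct call seq[] = { {CMD_OPEN, NULL}, {CMD_CONFIG, &out}, {CMD_START, NULL} };
    return replay(seq, 3);
}

/* Same calls, wrong order: CONFIG before OPEN is rejected, so START fails too. */
enum dev_state demo_bad_order(void) {
    struct inner_cfg in = { 48000, 2 };
    struct outer_cfg out = { 0, &in };
    struct call seq[] = { {CMD_CONFIG, &out}, {CMD_OPEN, NULL}, {CMD_START, NULL} };
    return replay(seq, 3);
}

/* Right order, but the constraint inside the inner struct is not met. */
enum dev_state demo_bad_nested(void) {
    struct inner_cfg in = { 48000, 1 };
    struct outer_cfg out = { 0, &in };
    struct call seq[] = { {CMD_OPEN, NULL}, {CMD_CONFIG, &out}, {CMD_START, NULL} };
    return replay(seq, 3);
}

int main(void) {
    printf("good=%d bad_order=%d bad_nested=%d\n",
           demo_good(), demo_bad_order(), demo_bad_nested());
    return 0;
}
```

Only the well-formed sequence reaches `ST_RUNNING`; the other two stall at `ST_OPEN`. A coverage-guided fuzzer that mutates one call at a time sees no new coverage from either failing sequence, and a symbolic executor that treats the table index as opaque cannot list the reachable handlers without modelling the table and the call order, which is the gap the abstract says a naive hybrid fuzzer falls into.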
