DC Field | Value | Language |
---|---|---|
dc.contributor.author | Su Yong Kim | ko |
dc.contributor.author | Sangho Lee | ko |
dc.contributor.author | Insu Yun | ko |
dc.contributor.author | Wen Xu | ko |
dc.contributor.author | Byoungyoung Lee | ko |
dc.contributor.author | Youngtae Yun | ko |
dc.contributor.author | Taesoo Kim | ko |
dc.date.accessioned | 2021-02-08T00:30:19Z | - |
dc.date.available | 2021-02-08T00:30:19Z | - |
dc.date.created | 2021-02-08 | - |
dc.date.issued | 2017-07-14 | - |
dc.identifier.citation | 2017 USENIX Annual Technical Conference (ATC '17), pp.689 - 701 | - |
dc.identifier.uri | http://hdl.handle.net/10203/280628 | - |
dc.description.abstract | Discovering the security vulnerabilities of commercial off-the-shelf (COTS) operating systems (OSes) is challenging because they not only are huge and complex, but also lack detailed debug information. Concolic testing, which generates all feasible inputs of a program by using symbolic execution and tests the program with the generated inputs, is one of the most promising approaches to solve this problem. Unfortunately, the state-of-the-art concolic testing tools do not scale well for testing COTS OSes because of state explosion. Indeed, they often fail to find a single bug (or crash) in COTS OSes despite their long execution time. In this paper, we propose CAB-FUZZ (Context-Aware and Boundary-focused), a practical concolic testing tool to quickly explore interesting paths that are highly likely triggering real bugs without debug information. First, CAB-FUZZ prioritizes the boundary states of arrays and loops, inspired by the fact that many vulnerabilities originate from a lack of proper boundary checks. Second, CAB-FUZZ exploits real programs interacting with COTS OSes to construct proper contexts to explore deep and complex kernel states without debug information. We applied CAB-FUZZ to Windows 7 and Windows Server 2008 and found 21 undisclosed unique crashes, including two local privilege escalation vulnerabilities (CVE-2015-6098 and CVE-2016-0040) and one information disclosure vulnerability in a cryptography driver (CVE-2016-7219). CAB-FUZZ found vulnerabilities that are non-trivial to discover; five vulnerabilities have existed for 14 years, and we could trigger them even in the initial version of Windows XP (August 2001). | - |
dc.language | English | - |
dc.publisher | USENIX Association | - |
dc.title | CAB-FUZZ: Practical concolic testing techniques for COTS operating systems | - |
dc.type | Conference | - |
dc.identifier.wosid | 000428763500052 | - |
dc.identifier.scopusid | 2-s2.0-85053025905 | - |
dc.type.rims | CONF | - |
dc.citation.beginningpage | 689 | - |
dc.citation.endingpage | 701 | - |
dc.citation.publicationname | 2017 USENIX Annual Technical Conference (ATC '17) | - |
dc.identifier.conferencecountry | US | - |
dc.identifier.conferencelocation | Santa Clara | - |
dc.contributor.localauthor | Insu Yun | - |
dc.contributor.nonIdAuthor | Su Yong Kim | - |
dc.contributor.nonIdAuthor | Sangho Lee | - |
dc.contributor.nonIdAuthor | Wen Xu | - |
dc.contributor.nonIdAuthor | Byoungyoung Lee | - |
dc.contributor.nonIdAuthor | Youngtae Yun | - |
dc.contributor.nonIdAuthor | Taesoo Kim | - |