PhD Proposal by Jinho Jung

Title: Forging and Forgoing a Fuzzing Hostile Environment

Jinho Jung

Ph.D. Student

School of Computer Science

Georgia Institute of Technology

Email: jinho.jung@gatech.edu

Date: Thursday, May 14, 2020

Time: 2:30 PM to 4:00 PM (EST)

Location: *No Physical Location*

BlueJeans: https://bluejeans.com/jjung63

Committee:

Dr. Taesoo Kim (advisor), School of Computer Science, Georgia Institute of Technology

Dr. Joy Arulraj (co-advisor), School of Computer Science, Georgia Institute of Technology

Dr. Wenke Lee, School of Computer Science, Georgia Institute of Technology

Dr. Paul Pearce, School of Computer Science, Georgia Institute of Technology

Dr. Kyu Hyung Lee, Department of Computer Science, University of Georgia

Abstract:

Fuzzing is a software testing technique that quickly and automatically explores the input space of a program without knowing its internals. Therefore, developers commonly use fuzzing as part of test integration throughout the software development process. On the other hand, the black-box and automatic nature of fuzzing also makes it appealing to adversaries who are looking for zero-day vulnerabilities. In this proposal, I will present a new mitigation approach that helps developers protect released software from attackers who are capable of applying fuzzing techniques, and a set of solutions to address the challenges that COTS binary fuzzing faces.

1) Anti-fuzzing techniques:

I will discuss a new mitigation approach, called Fuzzification, that helps developers protect the released, binary-only software from attackers who are capable of applying state-of-the-art fuzzing techniques.

2) Fuzzing COTS binaries with a semi-automatic harness synthesis:

I will present a set of solutions to address the challenges of fuzzing COTS binaries on Windows. First, my system tries to synthesize a harness for the application, that is, a simple program that directly invokes a subset of the target functions, based on sample executions. It then tests the harness, instead of the original complicated program, using an efficient implementation of fork on Windows.

3) Fuzzing highly challenging targets:

RATs (Remote Access Trojans) are used for spying on victims. I will propose an idea for studying the prevalence of RATs at large scale. To do so, I will automatically extract RAT signatures for network scanning by applying fuzzing and symbolic execution techniques to malware, which has not been considered a fuzzing target because of its abnormal behavior.

Status

  • Workflow Status: Published
  • Created By: Tatianna Richardson
  • Created: 04/29/2020
  • Modified By: Tatianna Richardson
  • Modified: 04/29/2020
