event
PhD Proposal by Yongheng Chen
Primary tabs
Title
Detect Program Property Violations Using Fuzzing
Yongheng Chen
Ph.D. Candidate in Computer Science
School of Cybersecurity and Privacy
Georgia Institute of Technology
Date/Time: Nov 20, 2023, 11:00 AM to 12:00 PM Eastern Time (US and Canada)
Location: Coda C1008 Bolton or join with zoom
Committee:
Dr. Wenke Lee (advisor), School of Cybersecurity and Privacy, Georgia Institute of Technology
Dr. Saman Zonouz, School of Cybersecurity and Privacy, Georgia Institute of Technology
Dr. Brendan Saltaformaggio, School of Cybersecurity and Privacy, Georgia Institute of Technology
Dr. Daniel Genkin, School of Cybersecurity and Privacy, Georgia Institute of Technology
Dr. László Szekeres, Google
Abstract:
Fuzzing is a widely recognized technique in detecting program property violations such as crashing. However, its effectiveness is primarily limited by two factors: first, the challenge of achieving comprehensive code coverage due to modern software's complex input domains and stringent input requirements; and second, even with high coverage, current fuzzing methods struggle to identify non-crashing property violations.
This PhD proposal aims to systematically address these constraints. We first improve fuzzing effectiveness by developing enhanced methodologies for test case generation and redesigning parallel fuzzing’s architecture. Then we refine the detection capabilities of fuzzing, allowing it to capture a broader spectrum of property violations, particularly those that do not manifest through crashes. By integrating these enhancements, the proposed research aspires to better apply fuzzing to safeguard software systems against a wider array of vulnerabilities.
Groups
Status
- Workflow Status:Published
- Created By:Tatianna Richardson
- Created:11/08/2023
- Modified By:Tatianna Richardson
- Modified:11/08/2023
Categories
Keywords
Target Audience