Jinho Jung

Ph.D. Student

School of Computer Science

Georgia Institute of Technology

Email: jinho.jung@gatech.edu

Date: Thursday, May 14, 2020

Time: 2:30 PM to 4:00 PM (EST)

Location: *No Physical Location*

BlueJeans: https://bluejeans.com/jjung63

Committee:

Dr. Taesoo Kim (advisor), School of Computer Science, Georgia Institute of Technology

Dr. Joy Arluraj (co-advisor), School of Computer Science, Georgia Institute of Technology

Dr. Wenke Lee, School of Computer Science, Georgia Institute of Technology

Dr. Paul Pearce, School of Computer Science, Georgia Institute of Technology

Dr. Kyu Hyung Lee, Department of Computer Science, University of Georgia

Abstract:

Fuzzing is a software testing technique that quickly and automatically explores the input space of a program without knowing its internals. Therefore, developers commonly use fuzzing as part of test integration throughout the software development process. On the other hand, it also means that such a blackbox and the automatic natures of fuzzing are appealing to adversaries who are looking for zero-day vulnerabilities. In this proposal, I will present a new mitigation approach that helps developers protect the released software from attackers who are capable of applying fuzzing techniques, and a set of solutions to address the challenges COTS binary fuzzing faces.

1) Anti-fuzzing techniques:

I will discuss a new mitigation approach, called Fuzzification, that helps developers protect the released, binary-only software from attackers who are capable of applying state-of-the-art fuzzing techniques.

2) Fuzzing COTS binaries with a semi-automatic harness synthesis:

I will present a set of solutions to address the challenges of fuzzing on COTS binaries on Windows. First, my system tries to synthesize a harness for the application, a simple program that directly invokes partial target functions, based on sample executions. Then it tests the harness, instead of the original complicated program, using an efficient implementation of fork on Windows.

3) Fuzzing highly challenging targets:

RATs (Remote Access Trojans) are used for spying on victims. I will propose an idea to study prevalence of RATs on a large-scale. To do so, I will automatically extract RAT's signature for network scanning by using fuzzing and symbolic execution techniques on malware which was not considered as fuzzing target due to its abnormal behaviors.