{"641800":{"#nid":"641800","#data":{"type":"event","title":"PhD Proposal  by Wen Xu","body":[{"value":"\u003Cp\u003ETitle: An IR-based Fuzzing Approach for Finding Context-Aware Bugs in API-based Systems\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EWen Xu\u003C\/p\u003E\r\n\r\n\u003Cp\u003EPh.D. Student\u003C\/p\u003E\r\n\r\n\u003Cp\u003ESchool of Computer Science\u003C\/p\u003E\r\n\r\n\u003Cp\u003ECollege of Computing\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDate: Wednesday, December 2, 2020\u003C\/p\u003E\r\n\r\n\u003Cp\u003ETime: 1:00 pm - 2:30 pm (EST)\u003C\/p\u003E\r\n\r\n\u003Cp\u003ELocation: *No Physical Location*\u003C\/p\u003E\r\n\r\n\u003Cp\u003EBlueJeans: \u003Ca href=\u0022https:\/\/gatech.bluejeans.com\/5992360268\u0022\u003Ehttps:\/\/gatech.bluejeans.com\/5992360268\u003C\/a\u003E\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003ECommittee:\u003C\/p\u003E\r\n\r\n\u003Cp\u003E---------------\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Taesoo Kim (Advisor, School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Wenke Lee (School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Alessandro Orso (School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Qirun Zhang (School of Computer Science, Georgia Institute of Technology)\u003C\/p\u003E\r\n\r\n\u003Cp\u003EDr. Weidong Cui (Microsoft Research Redmond)\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAbstract:\u003C\/p\u003E\r\n\r\n\u003Cp\u003E---------------\u003C\/p\u003E\r\n\r\n\u003Cp\u003EFuzzing, a time-honored software testing approach, has gained increasing\u003C\/p\u003E\r\n\r\n\u003Cp\u003Epopularity in recent years. 
With the emerging utilization of coverage\u003C\/p\u003E\r\n\r\n\u003Cp\u003Efeedback, random inputs generated by merely byte- or syntactic-level\u003C\/p\u003E\r\n\r\n\u003Cp\u003Emutations effectively discover numerous bugs in real-world programs that\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eaccept binary or structural inputs. Nevertheless, API-based systems, a large\u003C\/p\u003E\r\n\r\n\u003Cp\u003Egroup of security-critical software including OS kernels and web browsers,\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ethat accept a program input comprising API calls are the exception. The deep\u003C\/p\u003E\r\n\r\n\u003Cp\u003Econtext-aware bugs in API-based systems involve semantically correct inputs\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ewith certain context complexity. Such inputs can hardly be constructed in a\u003C\/p\u003E\r\n\r\n\u003Cp\u003Econtext-insensitive manner even with feedback guidance in practice.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EIn this proposal, we first present two state-of-the-art fuzzers that find\u003C\/p\u003E\r\n\r\n\u003Cp\u003Econtext-aware bugs in different API-based systems with domain-specific\u003C\/p\u003E\r\n\r\n\u003Cp\u003Edesigns. The first one is Janus, a kernel file system fuzzer. In the design\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eof Janus, we introduce for the first time the concept of context-aware API\u003C\/p\u003E\r\n\r\n\u003Cp\u003Egeneration. Particularly, Janus maintains file object states to generate\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eevery file operation and updates the states after generation in order to avoid\u003C\/p\u003E\r\n\r\n\u003Cp\u003Esemantic errors. The second one is FREEDOM, a DOM engine fuzzer. 
Unlike the\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eprevious fuzzers that can only generate random HTML documents based on\u003C\/p\u003E\r\n\r\n\u003Cp\u003Econtext-free grammars, FREEDOM designs a custom IR for HTML documents to\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eenable both DOM API generation and mutation in a context-aware manner.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EFinally, we will propose GAF (General-API-Fuzzing), an API fuzzing platform\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ethat adopts a general IR-based solution to context-aware API call generation\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eand mutation for any type of common API-based system. GAF provides a\u003C\/p\u003E\r\n\r\n\u003Cp\u003Epseudoformal language for developers to define not only API prototypes but\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ealso context interactions. GAF then automatically compiles an API grammar\u003C\/p\u003E\r\n\r\n\u003Cp\u003Efile into a fuzzing engine that generates random API programs represented in\u003C\/p\u003E\r\n\r\n\u003Cp\u003EGAF IR based on the grammar. A GAF IR program can also be mutated into new\u003C\/p\u003E\r\n\r\n\u003Cp\u003Eones with context-awareness for testing. 
In general, GAF aims at being the\u003C\/p\u003E\r\n\r\n\u003Cp\u003Efirst design standard for general API fuzzers and facilitating bug finding\u003C\/p\u003E\r\n\r\n\u003Cp\u003Ein real-world API-based systems.\u003C\/p\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":"","field_summary":"","field_summary_sentence":[{"value":"An IR-based Fuzzing Approach for Finding Context-Aware Bugs in API-based Systems "}],"uid":"27707","created_gmt":"2020-12-02 20:07:39","changed_gmt":"2020-12-02 20:07:39","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2020-12-02T13:00:00-05:00","event_time_end":"2020-12-02T15:00:00-05:00","event_time_end_last":"2020-12-02T15:00:00-05:00","gmt_time_start":"2020-12-02 18:00:00","gmt_time_end":"2020-12-02 20:00:00","gmt_time_end_last":"2020-12-02 20:00:00","rrule":null,"timezone":"America\/New_York"},"extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"102851","name":"Phd proposal"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78761","name":"Faculty\/Staff"},{"id":"78771","name":"Public"},{"id":"174045","name":"Graduate students"},{"id":"78751","name":"Undergraduate students"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}