PS-Fuzz: Efficient Graybox Firmware Fuzzing Based on Protocol State
نویسندگان
چکیده
منابع مشابه
Learn&Fuzz: machine learning for input fuzzing
Fuzzing consists of repeatedly testing an application with modified, or fuzzed, inputs with the goal of finding security vulnerabilities in input-parsing code. In this paper, we show how to automate the generation of an input grammar suitable for input fuzzing using sample inputs and neural-network-based statistical machine-learning techniques. We present a detailed case study with a complex in...
متن کاملImproving Protocol State Fuzzing of SSH
With the scale and use of the Internet nowadays, it is crucial that we can effectively test the correctness and security of systems that handle our personal data. In this thesis, we improve upon a previous work by Verleg. Verleg used protocol state fuzzing to test several implementations of the SSH protocol. By adapting a more formal methodology, we achieve higher confidence in our results. We ...
متن کاملProtocol State Fuzzing of TLS Implementations
We describe a largely automated and systematic analysis of TLS implementations by what we call ‘protocol state fuzzing’: we use state machine learning to infer state machines from protocol implementations, using only blackbox testing, and then inspect the inferred state machines to look for spurious behaviour which might be an indication of flaws in the program logic. For detecting the presence...
متن کاملEfficient Model-based Fuzz Testing Using Higher-order Attribute Grammars
Format specifications of data input are critical to model-based fuzz testing. Present methods cannot describe the format accurately, which leads to high redundancy in testing practices. In order to improve testing efficiency, we propose a grammar-driven approach to fuzz testing. Firstly, we build a formal model of data format using higher-order attribute grammars, and construct syntax tree on t...
متن کاملEfficient Program Exploration by Input Fuzzing
One of the issues of a malware detection service is to update its database. For that, an analysis of new samples must be performed. Usually, one tries to replay the behavior of malware in a safe environment. But, a bot sample may activate a malicious function only if it receives some particular input from its command and control server. The game is to find inputs which activate all relevant bra...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal on Artificial Intelligence
سال: 2021
ISSN: 2579-003X
DOI: 10.32604/jai.2021.017328