ASE 2020
Mon 21 - Fri 25 September 2020 Melbourne, Australia
Wed 23 Sep 2020 01:30 - 01:50 at Platypus - Software Security and Trust (1) Chair(s): Christoph Csallner

The security guarantee of SSL/TLS critically depends on the correct validation of X.509 certificates. Therefore, it is important to check whether certificate validation in SSL/TLS is implemented correctly. Differential testing has been used successfully to find semantic bugs in this domain. However, existing differential testing tools suffer from three limitations: (1) inputs are not guaranteed to be syntactically correct; (2) the diversity of inputs is not enough; (3) a large number of inputs is required to find each semantic bug.

This paper tackles these problems by introducing SADT, a novel syntax-aware differential testing framework for testing certificate validation code. Our core insight is to mutate inputs by tree-based mutation to ensure generated inputs are syntactically correct, and to diversify inputs by sharing interesting inputs among all tested SSL/TLS implementations. The generated certificates are then employed to reveal discrepancies (potential bugs) among certificate validation in all SSL/TLS implementations.

We have implemented the new syntax-aware differential testing framework, named SADT, and evaluated it against other differential testing frameworks (such as NEZHA and RFCcert) and the fuzzer AFL. In our experiment, SADT yields 64 unique discrepancies when 6 SSL/TLS implementations are tested, while NEZHA, RFCcert and AFL yield 31, 15 and 2 unique discrepancies respectively. In addition, we have been reporting bugs found by SADT to the software developers. Until now, 13 bugs have been confirmed or fixed, 10 of which were previously unknown bugs among all projects.
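A toy illustration of the two ideas in the abstract, tree-based mutation and a corpus shared by all implementations under test; it is an added example, not code from the paper or from SADT. The certificate model, the value pools, both validators and the policy of keeping every new mutant in the corpus are assumptions made for the sketch.

```python
import copy, json

# Constructed seed: a certificate modelled as a tree of typed fields (not real DER).
SEED = {"version": 3,
        "validity": {"not_before": 100, "not_after": 200},
        "extensions": {"basic_constraints": {"ca": False, "path_len": 0},
                       "key_usage": ["digitalSignature"]}}
# Constructed per-leaf value pools: a mutant only ever gets a well-typed value.
POOLS = {("version",): [1, 2, 3],
         ("validity", "not_before"): [0, 100, 300],
         ("validity", "not_after"): [50, 200, 400],
         ("extensions", "basic_constraints", "ca"): [True, False],
         ("extensions", "basic_constraints", "path_len"): [0, 1],
         ("extensions", "key_usage"): [["digitalSignature"], ["keyCertSign"], []]}
NOW = 150  # constructed "current time" used by both validators

def mutants(cert):
    """Tree-based mutation: replace one leaf, keep the tree shape intact."""
    for path, pool in POOLS.items():
        for value in pool:
            out = copy.deepcopy(cert)
            node = out
            for key in path[:-1]:
                node = node[key]
            if node[path[-1]] != value:
                node[path[-1]] = copy.deepcopy(value)
                yield out

def validator_a(c):  # hypothetical strict implementation
    in_window = c["validity"]["not_before"] <= NOW <= c["validity"]["not_after"]
    ext = c["extensions"]
    signs_certs = "keyCertSign" in ext["key_usage"]
    return in_window and not (signs_certs and not ext["basic_constraints"]["ca"])

def validator_b(c):  # hypothetical lax implementation: never looks at key usage
    return c["validity"]["not_before"] <= NOW <= c["validity"]["not_after"]

def differential_test(budget=1000):
    corpus, seen, found, i = [SEED], {json.dumps(SEED, sort_keys=True)}, [], 0
    while i < len(corpus) and i < budget:
        for cand in mutants(corpus[i]):
            key = json.dumps(cand, sort_keys=True)
            if key in seen:
                continue
            seen.add(key)
            corpus.append(cand)  # one corpus feeds every implementation under test
            if validator_a(cand) != validator_b(cand):
                found.append(cand)  # discrepancy: the verdicts disagree
        i += 1
    return found
```

Every certificate returned by `differential_test()` is well-formed by construction, so each disagreement points at validation logic rather than at parsing.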

Wed 23 Sep

Displayed time zone: (UTC) Coordinated Universal Time

01:10 - 02:10
Software Security and Trust (1) NIER track / Tool Demonstrations / Research Papers at Platypus
Chair(s): Christoph Csallner (University of Texas at Arlington)

01:10 (20m) Talk: Continuous Compliance (Experience)
Research Papers
Martin Kellogg (University of Washington, Seattle), Martin Schäf (Amazon Web Services), Serdar Tasiran (Amazon Web Services), Michael D. Ernst (University of Washington, USA)

01:30 (20m) Talk: SADT: Syntax-Aware Differential Testing of Certificate Validation in SSL/TLS Implementations
Research Papers
Lili Quan (College of Intelligence and Computing, Tianjin University), Qianyu Guo (College of Intelligence and Computing, Tianjin University), Hongxu Chen (Research Associate), xiexiaofei, Li Xiaohong (Tianjin University), Yang Liu (Nanyang Technological University, Singapore), Jing Hu (Tianjin Key Laboratory of Advanced Networking (TANK), College of Intelligence and Computing, Tianjin University)

01:50 (10m) Talk: A Hybrid Analysis to Detect Java Serialisation Vulnerabilities
NIER track
Shawn Rasheed (Massey University), Jens Dietrich (Victoria University of Wellington)

02:00 (10m) Talk: EXPRESS: An Energy-Efficient and Secure Framework for Mobile Edge Computing and Blockchain based Smart Systems
Tool Demonstrations
Jia Xu (School of Computer Science and Technology, Anhui University), Xiao Liu (School of Information Technology, Deakin University), Xuejun Li (School of Computer Science and Technology, Anhui University), Lei Zhang (Antwork Robotics Co., Ltd., Hangzhou, China), Yun Yang (Swinburne University of Technology)