Tue 27 Oct 2020 21:30 - 21:45 at Infante - Testing tools Chair(s): René Just, Andy Zaidman
Server fuzzing is difficult. Unlike simple command-line tools, servers feature a massive state space that can be traversed effectively only with well-defined sequences of input messages. Valid sequences are specified in a protocol. In this paper, we present AFLNet, the first greybox fuzzer for protocol implementations. Unlike existing protocol fuzzers, AFLNet takes a mutational approach and uses state feedback to guide the fuzzing process. AFLNet is seeded with a corpus of recorded message exchanges between the server and an actual client. No protocol specification or message grammars are required. AFLNet acts as a client and replays variations of the original sequence of messages sent to the server and retains those variations that were effective at increasing the coverage of the code or state space. To identify the server states that are exercised by a message sequence, AFLNet uses the server's response codes. From this feedback, AFLNet identifies progressive regions in the state space, and systematically steers towards such regions. The case studies with AFLNet on two popular protocol implementations demonstrate a substantial performance boost over the state-of-the-art. AFLNet discovered two new CVEs, both classified as critical (CVSS score 9.8).
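The loop the abstract describes (replay a recorded client sequence, read the server's reply codes as state identifiers, mutate only after a prefix that reaches a chosen target state, keep mutants that reveal new transitions or new code coverage) is short enough to sketch in full. The following is an added illustration written for this page, not AFLNet's code: the FTP-like `ToyServer`, its reply codes, the `SEED` exchange and the over-long `RETR` argument that makes it "crash" are all constructed here, and the least-fuzzed-state targeting is a deliberate simplification of AFLNet's state-selection heuristics.

```python
import random
from collections import Counter

# Constructed toy server: a tiny FTP-like login/transfer state machine with
# numeric reply codes. Not a real protocol implementation and not AFLNet's
# code; it only gives the fuzzer a stateful target to drive.
class ToyServer:
    KNOWN = {b"USER", b"PASS", b"RETR", b"QUIT"}

    def __init__(self):
        self.state = "INIT"
        self.coverage = set()   # (state, verb) pairs hit: stands in for branch coverage

    def handle(self, msg: bytes) -> int:
        verb, _, arg = msg.strip().partition(b" ")
        verb = verb.upper()
        self.coverage.add((self.state, verb if verb in self.KNOWN else b"?"))
        if self.state == "INIT" and verb == b"USER":
            self.state = "NEED_PASS"
            return 331
        if self.state == "NEED_PASS" and verb == b"PASS":
            if arg == b"secret":
                self.state = "LOGGED_IN"
                return 230
            self.state = "INIT"
            return 530
        if self.state == "LOGGED_IN" and verb == b"RETR":
            if len(arg) > 32:    # constructed defect: an over-long path "crashes" the server
                raise MemoryError("toy buffer overflow in RETR")
            return 150
        if verb == b"QUIT":
            self.state = "INIT"
            return 221
        return 500               # unknown command or command in the wrong state


def run_sequence(msgs):
    """Replay one client message sequence against a fresh server.
    Returns (reply codes observed, coverage set, crashed?)."""
    srv, codes = ToyServer(), []
    try:
        for m in msgs:
            codes.append(srv.handle(m))
    except MemoryError:
        return codes, srv.coverage, True
    return codes, srv.coverage, False


class StateFuzzer:
    """AFLNet-style loop: reply codes identify states, the inferred state machine
    plus branch coverage decide which mutants are kept, and mutation is applied
    only after a prefix that reaches the chosen target state."""

    def __init__(self, seed, rng):
        self.rng = rng
        self.edges = set()        # (previous code, code) transitions = inferred state machine
        self.branches = set()     # union of server-side coverage
        self.fuzzed = Counter()   # how often each state has been picked as a target
        self.queue = []           # (message sequence, its reply codes) worth mutating further
        self.crashes = []
        self._consider(list(seed))

    def _consider(self, seq):
        codes, cov, crashed = run_sequence(seq)
        new_edges = set(zip([0] + codes, codes)) - self.edges
        new_branches = cov - self.branches
        self.edges |= new_edges
        self.branches |= new_branches
        if crashed:
            self.crashes.append(seq)
        elif new_edges or new_branches:   # keep only mutants that exposed a new state or branch
            self.queue.append((seq, codes))

    def _mutate(self, seq, codes):
        # Target the least-fuzzed state this seed reaches (simplified steering), replay the
        # prefix that gets there unchanged, and mutate only the messages after it.
        target = min(codes, key=lambda c: self.fuzzed[c])
        self.fuzzed[target] += 1
        cut = codes.index(target) + 1
        prefix, rest = list(seq[:cut]), list(seq[cut:])
        op = self.rng.randrange(4)
        if op == 0 and rest:                  # byte-level: overwrite one byte of one message
            i = self.rng.randrange(len(rest))
            m = bytearray(rest[i])
            m[self.rng.randrange(len(m))] = self.rng.randrange(256)
            rest[i] = bytes(m)
        elif op == 1 and rest:                # message-level: duplicate a message
            i = self.rng.randrange(len(rest))
            rest.insert(i, rest[i])
        elif op == 2:                         # message-level: splice in a message from another seed
            donor, _ = self.rng.choice(self.queue)
            rest.insert(self.rng.randrange(len(rest) + 1), self.rng.choice(donor))
        elif rest:                            # message-level: stretch an argument
            i = self.rng.randrange(len(rest))
            rest[i] += b"A" * self.rng.randrange(1, 64)
        return prefix + rest

    def fuzz(self, iterations):
        for _ in range(iterations):
            seq, codes = self.rng.choice(self.queue)
            self._consider(self._mutate(seq, codes))
        return self


# Constructed seed: one recorded client-side exchange, the role a captured session plays for AFLNet.
SEED = [b"USER anon", b"PASS secret", b"RETR file.txt", b"QUIT"]

if __name__ == "__main__":
    f = StateFuzzer(SEED, random.Random(7)).fuzz(2000)
    print("states seen:", sorted({b for _, b in f.edges}))
    print("transitions:", len(f.edges), "branches:", len(f.branches), "queue:", len(f.queue))
    for c in f.crashes[:1]:
        print("crashing sequence:", c)
```

The point to notice is that the fuzzer never parses the protocol: the state machine it builds is just the set of reply-code transitions it has observed, and the "prefix" it replays is whatever messages happened to produce the target code. Against a real server the same loop needs a fresh process (or a snapshot) per sequence, a real socket, and a timeout per message, which is exactly the overhead that makes network fuzzing slower than file fuzzing.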
Tue 27 Oct (displayed time zone: Lisbon)
10:00 - 11:00 | Testing Tools Track at Infante (mirrored +11h) | Chair(s): René Just (University of Washington, USA), Andy Zaidman (Delft University of Technology)
10:00 (15m talk) Callisto: Entropy-based Test Generation and Data Quality Assessment for Machine Learning Systems. Sakshi Udeshi, Xingbin Jiang (Singapore University of Technology and Design), Sudipta Chattopadhyay (Singapore University of Technology and Design)
10:15 (15m talk) Run Java Applications and Test Them In-Vivo Meantime. Antonia Bertolino (CNR-ISTI), Guglielmo De Angelis (CNR-IASI, CNR-ISTI), Breno Miranda (Federal University of Pernambuco), Paolo Tonella (Università della Svizzera Italiana, USI)
10:30 (15m talk) AFLNet: A Greybox Fuzzer for Network Protocols. Van-Thuan Pham (Monash University), Marcel Böhme (Monash University, Australia), Abhik Roychoudhury (National University of Singapore, Singapore)
10:45 (15m talk) ct-fuzz: Fuzzing for Timing Leaks. Shaobo He (University of Utah), Michael Emmi (Amazon Web Services), Gabriela Ciocarlie (SRI International)
21:00 - 22:00 | Testing Tools Track at Infante (mirror session, same chairs) | Chair(s): René Just (University of Washington, USA), Andy Zaidman (Delft University of Technology)
The four talks above are repeated in the same order: 21:00 Callisto, 21:15 Run Java Applications and Test Them In-Vivo Meantime, 21:30 AFLNet: A Greybox Fuzzer for Network Protocols, 21:45 ct-fuzz: Fuzzing for Timing Leaks (15 minutes each).