MONTESEL PAOLO
Cycle: XXXIV
Section: Computer Science and Engineering
Tutor: TANCA LETIZIA
Advisor: ZANERO STEFANO
Major Research topic: Advanced techniques for automated vulnerability discovery
Abstract:
In recent years, fuzz testing has shown great promise in automatically discovering security bugs in a wide range of software. It is proving so effective that the software industry is beginning to adopt it as a complement to manual software testing. Still, fuzzing has well-known shortcomings that prevent it from discovering bugs hidden deep in the program's execution flow. At the other end of the spectrum, symbolic execution and other advanced techniques have been used to analyze and test complex scenarios, but they fail to scale with the size of the program under test. In this work, we develop novel mechanisms to make fuzzing more effective and to tackle its weak spots without losing its main advantage: execution speed. As case studies, we focus on fuzzing hypervisors and parsers, because both areas stress specific weaknesses of simple coverage-guided fuzzers: complexity and hidden state.
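To make the "hidden state" weakness concrete, the following is an added illustration and not code from the thesis described above. It uses a constructed toy parser for a stream of push/pop/no-op commands with a hypothetical capacity of MAX_DEPTH = 8; the bug (an unchecked push past capacity) only triggers after nine consecutive pushes. A fuzzer fed plain branch coverage sees nothing new after the first push, because every later push hits the same branch, so its corpus stops growing long before the bug. The same deterministic fuzzer fed state-aware feedback (branch id paired with the current stack depth) keeps each deeper input and reaches the crash. The mutation strategy and the feedback keys are assumptions chosen for the illustration, not the thesis's mechanisms.

```python
"""Toy demonstration of hidden parser state defeating coverage-guided fuzzing.

Constructed example; the parser, its bug and the fuzzer are hypothetical.
"""

MAX_DEPTH = 8  # hypothetical stack capacity of the toy parser


def run_parser(data, state_aware=False):
    """Parse a byte stream of 'P' (push), 'O' (pop) and other bytes (no-op).

    Returns (feedback, crashed). `feedback` is what a fuzzer would observe:
    with plain coverage it is the set of branch ids hit; with state-aware
    feedback it is the set of (branch id, stack depth) pairs, so the
    otherwise invisible depth counter becomes part of the signal.
    """
    depth = 0
    feedback = set()
    crashed = False

    def hit(branch):
        feedback.add((branch, depth) if state_aware else branch)

    hit("entry")
    for b in data:
        if b == ord("P"):
            hit("push")
            depth += 1
            if depth > MAX_DEPTH:  # the planted bug: push past capacity
                hit("overflow")
                crashed = True
                break
        elif b == ord("O"):
            if depth == 0:
                hit("underflow")  # malformed input, rejected early
                return feedback, crashed
            hit("pop")
            depth -= 1
        else:
            hit("noop")
    if not crashed:
        hit("exit")
    return feedback, crashed


def mutations(entry, alphabet=b"PON"):
    """All single-byte insertions and deletions of `entry` (deterministic)."""
    for i in range(len(entry) + 1):
        for c in alphabet:
            yield entry[:i] + bytes([c]) + entry[i:]
    for i in range(len(entry)):
        yield entry[:i] + entry[i + 1:]


def fuzz(state_aware, max_rounds=20):
    """Greedy corpus-expansion fuzzer: keep any mutant that yields feedback
    not seen before. Exhaustive single-byte mutation keeps the run
    reproducible. Returns the crashing input, or None on a feedback plateau
    or when the round budget is exhausted."""
    corpus = [b""]
    seen = set(run_parser(b"", state_aware)[0])
    for _ in range(max_rounds):
        kept = []
        for entry in corpus:
            for mutant in mutations(entry):
                fb, crashed = run_parser(mutant, state_aware)
                if crashed:
                    return mutant
                if not fb <= seen:  # new feedback: worth keeping
                    seen |= fb
                    kept.append(mutant)
        if not kept:
            return None  # plateau: nothing in the corpus looks new anymore
        corpus.extend(kept)
    return None


if __name__ == "__main__":
    print("plain coverage feedback found:", fuzz(state_aware=False))
    print("state-aware feedback found:   ", fuzz(state_aware=True))
```

Running the block prints `None` for plain coverage (the corpus plateaus after a handful of rounds) and a nine-push input for the state-aware run. The point is the feedback, not the mutator: the same search finds the bug only when the parser's internal counter is exposed to it.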