Hydra is the First Fuzzing Framework to Find Any System Bug


Contact

Tess Malone, Communications Officer

tess.malone@cc.gatech.edu


Georgia Tech researchers have developed a new tool that can find one of the most challenging types of bug.

Called Hydra, the framework provides building blocks for file system fuzzers to find semantic errors, helping developers save time. Using Hydra, the researchers have found 155 new bugs in Linux file systems.

“The name Hydra comes from the Greek mythological monster that has multiple heads because our approach brings multiple bug checkers into a unified framework, enabling the testing of multiple aspects of file systems,” said School of Computer Science (SCS) Ph.D. student Seulbae Kim.

Finding Semantic Bugs

File systems are at the center of any operating system. Yet as they grow larger, the potential for bugs only increases. Bugs can cause chaos for users, from unwanted reboots to corruption of an entire system — not to mention security vulnerabilities.

Eliminating bugs individually is nearly impossible, so developers often rely on fuzzing to expedite the process. This generalized automatic software testing technique injects mutated inputs to discover bugs and test how robust the system is. Typically, fuzzing is only designed for detecting memory errors, but the researchers wanted to tackle a more challenging category: semantic bugs.

Semantic bugs come in many forms, from violating main properties of the system like crash safety to the developers’ incorrect assumptions. Each issue often requires a specialized checker to find the bug. Yet, all semantic bugs have one thing in common: Their failure does not register in the kernel in the same way memory bugs do. Their undetectable nature means previous fuzzers can’t be used out of the box.

“Semantic bugs do not explicitly manifest themselves,” Kim said. “They are silent. The effects are often internal and only revealed upon some special condition.”

Expanding Fuzzing

Hydra enables plugged-in bug checkers to work on their own while offloading file system checking to Hydra. This helps eliminate any type of file system bug, including three common types:

· Crash inconsistency, when a file system fails to recover to a correct state after a crash

· Specification violation, when the file system’s behavior does not conform to the specification (often the POSIX standard) of how it should behave

· Logic bugs, when bugs are specific to a file system’s implementation of an algorithm or an invalid assumption


Building from the researchers’ prior work with the fuzzer Janus, Hydra provides common tools developers need to debug a file system, including:

· Input mutator to generate test cases that are likely to trigger bugs

· libOS-based executor that executes the test case against the targeted file system and runs plugged-in bug checkers

· Feedback engines that summarize the effects of test cases and determine if they are effective enough to further mutate

· Bug reproducer with a test case minimizer that automatically verifies the reported test cases and reduces the size of the test case, respectively

“With these jobs offloaded, a developer now can only focus on writing a reliable bug checker (if it does not already exist) for the bug type he or she is interested in finding,” Kim said.
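To make the division of labor concrete, here is an added toy example (not Hydra's code and not from the paper): an in-memory "file system" with a seeded rename bug that never crashes, a plugged-in specification checker that compares it to a reference model, a random input mutator, and a test case minimizer. All function names, the operation format, and the seeded bug are assumptions made for illustration; the feedback engine and libOS executor are not modeled.

```python
import random

def apply(fs, op, buggy):
    """Apply one op to a toy file system (dict: name -> data)."""
    kind, name, arg = op
    if kind == "write":
        fs[name] = arg
    elif kind == "unlink":
        fs.pop(name, None)
    elif kind == "rename" and name in fs and name != arg:
        data = fs.pop(name)
        # Seeded logic bug: an existing destination is silently kept, no crash.
        if not (buggy and arg in fs):
            fs[arg] = data

def run(ops, buggy):
    fs = {}
    for op in ops:
        apply(fs, op, buggy)
    return fs

def spec_checker(ops):
    """Plugged-in checker: the target must end in the reference model's state."""
    return run(ops, buggy=True) != run(ops, buggy=False)

def mutate(rng, length=6):
    """Input mutator: random (kind, name, arg) ops; arg is data for write,
    the destination for rename, and ignored by unlink."""
    kinds = ["write", "unlink", "rename"]
    return [(rng.choice(kinds), rng.choice("abc"), rng.choice("abc"))
            for _ in range(length)]

def minimize(ops, checker):
    """Minimizer: drop single ops until no op can be removed."""
    i = 0
    while i < len(ops):
        trial = ops[:i] + ops[i + 1:]
        # Restart from the front after every successful removal.
        ops, i = (trial, 0) if checker(trial) else (ops, i + 1)
    return ops

def fuzz(seed=0, budget=2000):
    """Fuzzing loop: mutate, execute, check, then minimize the first hit."""
    rng = random.Random(seed)
    for _ in range(budget):
        ops = mutate(rng)
        if spec_checker(ops):
            return minimize(ops, spec_checker)
    return None
```

A crash-only fuzzer would report nothing for this target, because the buggy rename returns normally; only the checker's comparison against the reference state exposes it.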

Kim presented the work at the ACM Symposium on Operating Systems Principles (SOSP) in Huntsville, Ontario, Canada, from Oct. 27 to 30. He co-wrote the paper, “Finding Semantic Bugs in File Systems with an Extensible Fuzzing Framework,” with SCS Ph.D. students Meng Xu, Sanidhya Kashyap, Jungyeon Yoon, and Wen Xu, and SCS Associate Professor Taesoo Kim.

 

Additional Information

Groups

College of Computing, School of Computer Science

Related Core Research Areas
Cybersecurity, Systems
Status
  • Created By: Tess Malone
  • Workflow Status: Published
  • Created On: Nov 7, 2019 - 5:00pm
  • Last Updated: Nov 7, 2019 - 5:09pm