Title: Forging and Forgoing a Fuzzing Hostile Environment
Jinho Jung
Ph.D. Student
School of Computer Science
Georgia Institute of Technology
Email: jinho.jung@gatech.edu
Date: Thursday, May 14, 2020
Time: 2:30 PM to 4:00 PM (EST)
Location: *No Physical Location*
BlueJeans: https://bluejeans.com/jjung63
Committee:
Dr. Taesoo Kim (advisor), School of Computer Science, Georgia Institute of Technology
Dr. Joy Arulraj (co-advisor), School of Computer Science, Georgia Institute of Technology
Dr. Wenke Lee, School of Computer Science, Georgia Institute of Technology
Dr. Paul Pearce, School of Computer Science, Georgia Institute of Technology
Dr. Kyu Hyung Lee, Department of Computer Science, University of Georgia
Abstract:
Fuzzing is a software testing technique that quickly and automatically explores the input space of a program without knowledge of its internals. Developers therefore commonly run fuzzing as part of test integration throughout the software development process. The same blackbox, automated nature, however, makes fuzzing appealing to adversaries searching for zero-day vulnerabilities in released software. In this proposal, I will present a new mitigation approach that helps developers protect released software from attackers capable of applying fuzzing techniques, and a set of solutions to the challenges that fuzzing COTS binaries faces.
1) Anti-fuzzing techniques:
I will discuss a new mitigation approach, called Fuzzification, that helps developers protect the released, binary-only software from attackers who are capable of applying state-of-the-art fuzzing techniques.
2) Fuzzing COTS binaries with a semi-automatic harness synthesis:
I will present a set of solutions to the challenges of fuzzing COTS binaries on Windows. First, my system synthesizes a harness for the application, a simple program that directly invokes a subset of the target's functions, based on sample executions of the application. Then it fuzzes the harness, instead of the original complicated program, using an efficient implementation of fork on Windows.
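To make the harness idea concrete, the following is an added, hand-written example and not code from the proposal or its synthesis system: a small C harness that feeds one fuzzer-generated input file directly to a target function, bypassing whatever setup (GUI, networking, argument parsing) the real application would need to reach that function. The target function `target_parse_header` is a constructed stand-in for a routine inside a binary-only program; its format (a 4-byte magic followed by a little-endian body length) is an assumption made for the example.

```c
/* Added example: the shape of a fuzzing harness for a partial target
 * function. Not from the proposal; the target and its format are made up. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a function buried inside a COTS binary: parses a
 * header of the form "HDR1" + 32-bit little-endian body length.
 * Returns 0 on success, a negative code on each rejection path. */
int target_parse_header(const uint8_t *buf, size_t len, uint32_t *body_len) {
    if (len < 8)
        return -1;                         /* too short for magic + length */
    if (memcmp(buf, "HDR1", 4) != 0)
        return -2;                         /* wrong magic */
    uint32_t body = (uint32_t)buf[4] | ((uint32_t)buf[5] << 8) |
                    ((uint32_t)buf[6] << 16) | ((uint32_t)buf[7] << 24);
    if (body > len - 8)
        return -3;                         /* declared body exceeds input */
    *body_len = body;
    return 0;
}

/* Harness entry point: one fuzz input in, one call to the target out.
 * The fuzzer only needs to exercise this function, not the application's
 * original entry path, which is what makes harness-based fuzzing cheap. */
int harness_run(const uint8_t *data, size_t len) {
    uint32_t body_len = 0;
    return target_parse_header(data, len, &body_len);
}

/* Read the whole input file (written by the fuzzer) into memory. */
static uint8_t *read_file(const char *path, size_t *len) {
    FILE *f = fopen(path, "rb");
    if (!f)
        return NULL;
    uint8_t *buf = NULL;
    size_t cap = 0, n = 0;
    uint8_t chunk[4096];
    size_t got;
    while ((got = fread(chunk, 1, sizeof chunk, f)) > 0) {
        if (n + got > cap) {
            cap = (cap ? cap * 2 : sizeof chunk) + got;
            uint8_t *tmp = realloc(buf, cap);
            if (!tmp) { free(buf); fclose(f); return NULL; }
            buf = tmp;
        }
        memcpy(buf + n, chunk, got);
        n += got;
    }
    fclose(f);
    *len = n;
    return buf;
}

int main(int argc, char **argv) {
    if (argc != 2) {
        fprintf(stderr, "usage: %s <input-file>\n", argv[0]);
        return 2;
    }
    size_t len = 0;
    uint8_t *data = read_file(argv[1], &len);
    if (!data)
        return 2;
    int rc = harness_run(data, len);
    free(data);
    /* A crash (not a nonzero exit) is what the fuzzer is looking for;
     * the exit status just reports which path the input took. */
    return rc == 0 ? 0 : 1;
}
```

In the proposal's setting the body of `harness_run` is what the synthesis step recovers from sample executions (which functions to call, in what order, with which arguments derived from the input); the harness above simply fixes that by hand for one constructed target so the structure is visible.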
3) Fuzzing highly challenging targets:
RATs (Remote Access Trojans) are used to spy on victims. I will propose a study of the prevalence of RATs at large scale. To do so, I will automatically extract RAT signatures usable for network scanning by applying fuzzing and symbolic execution to malware samples, which were previously not considered fuzzing targets because of their abnormal behaviors.