The OS kernel, which has entire system privileges, is an attractive target of attackers. To reduce this threat, we need to find security bugs in the kernel prior to the attackers, and system call fuzzing is a widely used technique for this purpose. However, many system call fuzzers have not been evaluated for coverage performance which is an important indicator in fuzzing. In this poster, we propose a methodology to evaluate the code coverage performance of system call fuzzers with a strategy that combines virtualization and Intel Processor Trace (PT). First, we extract all the functions in the kernel that can be executed by system calls. Then we perform fuzzing with the target system call fuzzer on the guest OS, and record coverage information by leveraging the Intel PT. Finally, we evaluate system call fuzzers by comparing the list of functions related to system calls with the executed functions logged by Intel PT while fuzzing.
|Title of host publication||CCS 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security|
|Publisher||Association for Computing Machinery|
|Number of pages||3|
|Publication status||Published - 2019 Nov 6|
|Event||26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom|
Duration: 2019 Nov 11 → 2019 Nov 15
|Name||Proceedings of the ACM Conference on Computer and Communications Security|
|Conference||26th ACM SIGSAC Conference on Computer and Communications Security, CCS 2019|
|Period||19/11/11 → 19/11/15|
Bibliographical noteFunding Information:
This work was supported by Defense Acquisition Program Administration and Agency for Defense Development under the contract (UD190016ED).
© 2019 Association for Computing Machinery.
All Science Journal Classification (ASJC) codes
- Computer Networks and Communications