Collaborative Research: SaTC: CORE: Medium: Rethinking Fuzzing for Security

协作研究：SaTC：核心：中：重新思考安全性模糊测试

• 批准号: 2213727
• 负责人: Jun Xu
• 金额: $ 59.6万
• 依托单位: University of Utah
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-01-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2213727&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Medium

In software, a vulnerability is a flaw in the code that can be exploited by a malicious actor to perform unauthorized activities or change the behavior of the software. Although a topic heavily studied by security researchers, finding software vulnerabilities is becoming increasingly challenging because the software widely used in day-to-day life is growing larger and more complicated. This project addresses this challenge by rethinking a classic technique called fuzzing for finding vulnerabilities from large software. The high-level idea of fuzzing is to create a large number of random inputs to run software and in turn trigger vulnerabilities. The novelties of this project are the new approaches, techniques, and tools that revolutionize fuzzing and make the nearly random testing process more intelligent and targeted. This way, this project will enhance security of various types of widely used software, ranging from web browsers to server-side programs.To that end, this project is investigating vulnerability-coverage-driven fuzzing. Existing fuzzing techniques primarily followed an approach called code-coverage-driven fuzzing, motivated by the belief that code coverage and vulnerability finding are strongly correlated. Challenging this widely held belief, this project shows that code coverage has weaker-than-expected ties with vulnerabilities and code-coverage-driven fuzzing is not well suited for vulnerability finding. Pioneering vulnerability-coverage-driven fuzzing, this project invents a series of novel techniques to (1) obtain feedback on vulnerability coverage (2) prioritize test inputs that can reach more vulnerabilities and (3) maximize the chance to trigger vulnerabilities reached by the test inputs. This project also produces new metrics, new benchmarks, and new frameworks for comprehensively evaluating the use of fuzzing for vulnerability finding. With the investigators' experience in research of software security and system security, this project provides a group of education, training, and research opportunities for both undergraduate and graduate students. Through industry outreach, the investigators pursue technology transfers and raise the awareness of software security.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

在软件中，漏洞是代码中的缺陷，可以被恶意行为者利用来执行未经授权的活动或改变软件的行为。尽管安全研究人员对软件漏洞进行了大量研究，但由于日常生活中广泛使用的软件越来越大，越来越复杂，因此发现软件漏洞变得越来越具有挑战性。本项目通过重新思考一种称为模糊测试的经典技术来解决这一挑战，该技术用于从大型软件中发现漏洞。模糊测试的高级思想是创建大量随机输入来运行软件，从而触发漏洞。这个项目的新奇之处在于新的方法、技术和工具，它们彻底改变了模糊测试，使几乎随机的测试过程更加智能和有针对性。通过这种方式，该项目将增强从web浏览器到服务器端程序等各种广泛使用的软件的安全性。为此，该项目正在研究漏洞覆盖驱动的模糊测试。现有的模糊测试技术主要遵循一种称为代码覆盖率驱动的模糊测试的方法，这种方法的动机是相信代码覆盖率和漏洞发现是紧密相关的。挑战这个广泛持有的信念，这个项目表明代码覆盖率与漏洞的联系弱于预期，并且代码覆盖率驱动的模糊测试并不适合漏洞发现。该项目开创了漏洞覆盖驱动的模糊测试，发明了一系列新技术，以(1)获得漏洞覆盖的反馈(2)对可以触及更多漏洞的测试输入进行优先排序(3)最大化触发测试输入所触及的漏洞的机会。这个项目还产生了新的度量、新的基准和新的框架，以全面评估模糊测试在漏洞发现中的使用。本项目结合研究者在软件安全和系统安全方面的研究经验，为本科生和研究生提供了一批教育、培训和研究机会。通过行业外展，调查人员寻求技术转让并提高对软件安全的认识。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Building Embedded Systems Like It's 1996

• DOI: 10.48550/arxiv.2203.06834
• 发表时间: 2022-03
• 期刊: ArXiv
• 作者: Ruotong Yu;Francesca Del Nin;Yuchen Zhang;Shan Huang;Pallavi Kaliyar;Sarah Zakto;M. Conti;G. Portokalidis;Jun Xu

Towards Understanding the Runtime Performance of Rust

理解 Rust 的运行时性能

• DOI: 10.1145/3551349.3559494
• 发表时间: 2023
• 期刊: Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering
• 作者: Zhang, Yuchen;Zhang, Yunhang;Portokalidis, Georgios;Xu, Jun
• 通讯作者: Xu, Jun