Corpus ID: 12770219

CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems

@inproceedings{Kim2017CABFuzzPC,
  title={CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems},
  author={Su Yong Kim and S. Lee and Insu Yun and Wen Xu and B. Lee and Youngtae Yun and Taesoo Kim},
  booktitle={USENIX Annual Technical Conference},
  year={2017}
}
  • Su Yong Kim, S. Lee, +4 authors Taesoo Kim
  • Published in
    USENIX Annual Technical…
    2017
  • Computer Science
  • Discovering the security vulnerabilities of commercial off-the-shelf (COTS) operating systems (OSes) is challenging because they not only are huge and complex, but also lack detailed debug information. Concolic testing, which generates all feasible inputs of a program by using symbolic execution and tests the program with the generated inputs, is one of the most promising approaches to solve this problem. Unfortunately, the state-of-the-art concolic testing tools do not scale well for testing… CONTINUE READING
    Fuzzification: Anti-Fuzzing Techniques
    6
    Fuzzing: State of the Art
    10
    HFL: Hybrid Fuzzing on the Linux Kernel
    1
    Razzer: Finding Kernel Race Bugs through Fuzzing
    22
    Exploring Effective Fuzzing Strategies to Analyze Communication Protocols

    References

    Publications referenced by this paper.
    SHOWING 1-10 OF 50 REFERENCES
    Automated Whitebox Fuzz Testing
    1037
    Under-Constrained Symbolic Execution: Correctness Checking for Real Code
    104
    Testing Closed-Source Binary Device Drivers with DDT
    93
    LAVA: Large-Scale Automated Vulnerability Addition
    119
    Augmented dynamic symbolic execution
    21
    Driller: Augmenting Fuzzing Through Selective Symbolic Execution
    419
    Under-constrained execution: making automatic code destruction easy and scalable
    55