Corpus ID: 6995703

Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations

  title={Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations},
  author={I. Haller and A. Slowinska and M. Neugschwandtner and H. Bos},
  booktitle={USENIX Security Symposium},
  • I. Haller, A. Slowinska, +1 author H. Bos
  • Published in USENIX Security Symposium 2013
  • Computer Science
  • Dowser is a 'guided' fuzzer that combines taint tracking, program analysis and symbolic execution to find buffer overflow and underflow vulnerabilities buried deep in a program's logic. The key idea is that analysis of a program lets us pinpoint the right areas in the program code to probe and the appropriate inputs to do so. Intuitively, for typical buffer overflows, we need consider only the code that accesses an array in a loop, rather than all possible instructions in the program. After… CONTINUE READING
    Driller: Augmenting Fuzzing Through Selective Symbolic Execution
    • 424
    • Open Access
    Steelix: program-state based binary fuzzing
    • 111
    • Open Access
    Angora: Efficient Fuzzing by Principled Search
    • 138
    • Open Access
    Directed Greybox Fuzzing
    • 188
    • Highly Influenced
    • Open Access
    LAVA: Large-Scale Automated Vulnerability Addition
    • 123
    • Open Access
    FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage
    • 94
    • Open Access
    kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
    • 86
    • Open Access
    REDQUEEN: Fuzzing with Input-to-State Correspondence
    • 35
    • Open Access


    Publications referenced by this paper.
    Automated Whitebox Fuzz Testing
    • 1,038
    • Highly Influential
    • Open Access
    CUTE: a concolic unit testing engine for C
    • 1,758
    • Open Access
    AddressSanitizer: A Fast Address Sanity Checker
    • 494
    • Open Access
    EXE: Automatically Generating Inputs of Death
    • 899
    • Open Access
    DART: Directed Automated Random Testing
    • 986
    • Highly Influential
    • Open Access
    Preventing Memory Error Exploits with WIT
    • 287
    • Open Access