<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>INFORMATION TECHNOLOGY IN INDUSTRY</title> <link rel="icon" type="image/ico" href="https://it-in-industry.com/index_files/icon.gif"/> <meta name="description" content="IT in Industry is an open access international journal publishing original papers in all areas of IT in industry." /> <meta name="keywords" content="Journal;IT;information technology;computer;health;engineering;mathematics" /> <meta name="generator" content="Open Journal Systems 2.3.7.0" /> <link rel="stylesheet" href="index_files/pkp.css" type="text/css" /> <link rel="stylesheet" href="index_files/common.css" type="text/css" /> <link rel="stylesheet" href="index_files/commons.css" type="text/css" /> <!-- Base Jquery --> <script type="text/javascript" src="https://www.google.com/jsapi"></script> <script type="text/javascript"> /* Provide a local fallback if the CDN cannot be reached */ if (typeof google == 'undefined') { document.write(unescape("%3Cscript src='http://www.it-in-industry.org/lib/pkp/js/lib/jquery/jquery.min.js' type='text/javascript'%3E%3C/script%3E")); document.write(unescape("%3Cscript src='http://www.it-in-industry.org/lib/pkp/js/lib/jquery/plugins/jqueryUi.min.js' type='text/javascript'%3E%3C/script%3E")); } else { google.load("jquery", "1.4.2"); google.load("jqueryui", "1.8.1"); } </script> <link rel="stylesheet" href="index_files/sidebar.css" type="text/css" /> <link rel="stylesheet" href="index_files/leftSidebar.css" type="text/css" /> <link rel="stylesheet" href="index_files/rightSidebar.css" type="text/css" /> <link rel="stylesheet" href="index_files/bothSidebars.css" type="text/css" /> <link rel="stylesheet" href="index_files/journalStyleSheet.css" type="text/css" /> <script type="text/javascript" 
src="index_files/general.js"></script> <script type="text/javascript" src="index_files/tag-it.js"></script> <!-- Add javascript required for font sizer --> <script type="text/javascript" src="index_files/jquery.cookie.js"></script> <script type="text/javascript" src="index_files/fontController.js" ></script> <script type="text/javascript"> $(function(){ fontSize("#sizer", "body", 9, 16, 32, ""); /* Initialize the font sizer */ }); </script> <script type="text/javascript"> /* initialise plugins */ $(function(){ }); </script> </head> <body> <div id="container"> <div id="header"> <div id="headerTitle"> <h1> <img src="index_files/homeHeaderTitleImage_en_US.jpg" width="1080" height="161" alt="Page Header" /> </h1> </div> </div> <div id="body"> <div id="main"> <div id="breadcrumb"> <a href="http://www.it-in-industry.com/index.html">Home</a> > <a href="vol5.html" target="_parent">Vol 2 (2014)</a> > <a href="34.html" class="current" target="_parent">Cai</a> </div> <div id="content"> <div id="topBar"> </div> <div id="articleTitle"><h3>A Smart Fuzzing Approach for Integer Overflow Detection</h3></div> <div id="authorString"><em>Jun Cai, Peng Zou, Jun He, Jinxin Ma</em></div> <br /> <div id="articleAbstract"> <h4>Abstract</h4> <br /> <div>Fuzzing is one of the most commonly used methods to detect software vulnerabilities, a major cause of information security incidents. Although it has advantages of simple design and low error report, its efficiency is usually poor. In this paper we present a smart fuzzing approach for integer overflow detection and a tool, SwordFuzzer, which implements this approach. Unlike standard fuzzing techniques, which randomly change parts of the input file with no information about the underlying syntactic structure of the file, SwordFuzzer uses online dynamic taint analysis to identify which bytes in the input file are used in security sensitive operations and then focuses on mutating such bytes. Thus, the generated inputs are more likely to trigger potential vulnerabilities. We evaluated SwordFuzzer with an example program and a number of real-world applications. 
The experimental results show that SwordFuzzer can accurately locate the key bytes of the input file and dramatically improve the effectiveness of fuzzing in detecting real-world vulnerabilities.</div> <br /> </div> <div id="articleSubject"> <h4>Keywords</h4> <br /> <div>Information Security; Vulnerability Detection; Dynamic Taint Analysis; Smart Fuzzing</div> <br /> </div> Full Text: <a href="http://it-in-industry.com/issue/archive/papers/30.html" class="file" target="_parent">PDF</a> <br /><br /> <a target="_new" rel="license" href="http://creativecommons.org/licenses/by/3.0/"> <img alt="Creative Commons License" style="border-width:0" src="http://i.creativecommons.org/l/by/3.0/80x15.png"/> </a> <br/> This work is licensed under a <a rel="license" target="_new" href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0 License</a>. 
<br /><br /> IT in Industry (2012 - ) <a href="http://www.it-in-industry.com">http://www.it-in-industry.com</a> ISSN (Online): 2203-1731; ISSN (Print): 2204-0595 <br /> </div><!-- content --> </div><!-- main --> </div><!-- body --> </div><!-- container --> </body> </html>