Shisong Qin (Tsinghua University), Fan Hu (State Key Laboratory of Mathematical Engineering and Advanced Computing), Bodong Zhao (Tsinghua University), Tingting Yin (Tsinghua University), Chao Zhang (Tsinghua University)

As the essential component responsible for communication, network services are security-critical, and it is vital to find vulnerabilities in them. Fuzzing is currently one of the most popular software vulnerability discovery techniques, widely adopted due to its high efficiency and low false positives. However, existing coverage-guided fuzzers mainly aim at stateless local applications, leaving stateful network services underexplored. Recently, some fuzzers targeting network services have been proposed but have certain limitations, e.g., insufficient or inaccurate state representation and low testing efficiency.

In this paper, we propose a new fuzzing solution NSFuzz for stateful network services. Specifically, we studied typical implementations of network service programs and figured out how they represent states and interact with clients, and accordingly propose (1) a program variable-based state representation scheme and (2) an efficient interaction synchronization mechanism to improve efficiency. We have implemented a prototype of NSFuzz, which uses static analysis to identify network event loops and extract state variables, then achieves fast I/O synchronization and efficient s t ate-aware fuzzing via lightweight compile-time instrumentation. The preliminary evaluation results show that, compared with state-of-the-art network service fuzzers AFLNET and STATEAFL, our solution NSFuzz could infer a more accurate state model during fuzzing and improve the testing throughput by up to 50x and the coverage by up to 20%.

View More Papers

Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and...

Wenjia Zhao (Xi'an Jiaotong University and University of Minnesota), Kangjie Lu (University of Minnesota), Qiushi Wu (University of Minnesota), Yong Qi (Xi'an Jiaotong University)

Read More

TENSURE: Fuzzing Sparse Tensor Compilers (Registered Report)

Kabilan Mahathevan (Department of Computer Science, Virginia Tech, Blacksburg), Yining Zhang (Department of Computer Science, Virginia Tech, Blacksburg), Muhammad Ali Gulzar (Department of Computer Science, Virginia Tech, Blacksburg), Kirshanthan Sundararajah (Department of Computer Science, Virginia Tech, Blacksburg)

Read More

Multi-Certificate Attacks against Proof-of-Elapsed-Time and Their Countermeasures

Huibo Wang (Baidu Security), Guoxing Chen (Shanghai Jiao Tong University), Yinqian Zhang (Southern University of Science and Technology), Zhiqiang Lin (Ohio State University)

Read More