CATEGORIZATION OF FUZZING TECHNIQUES
DOI: https://doi.org/10.18372/2410-7840.12.1971

Abstract
Static analysis of source code as a method of vulnerability discovery is a white-box method. Inspecting the source code in this way requires that the source code be available. However, there are alternative black-box methods for which access to the source code is not needed. One such alternative is fuzzing, a technique that has proven itself extremely well at finding serious vulnerabilities that other methods failed to detect [1].

References
Саттон М. Fuzzing: Исследование уязвимостей методом грубой силы / Майкл Саттон, Адам Грин, Педрам Амини. — Transl. from English. — СПб. : Символ-Плюс, 2009. — 560 p. — ISBN 978-5-93286-147-9.
Miller B. P. An empirical study of the reliability of UNIX utilities / B. P. Miller, L. Fredriksen, S. Bryan // Commun. ACM. — 1990. — № 12. — P. 32–44.
Oehlert P. Violating assumptions with fuzzing / P. Oehlert // IEEE Security and Privacy. — 2005. — Issue 2. — P. 58–62.
Козиол Дж. Искусство взлома и защиты систем = The Shellcoder’s Handbook / Джек Козиол, Дэвид Личфилд, Дэйв Эйтэл, Крис Энли, Синан Эрен, Нил Мехта, Рили Хассель. — Transl. from English. — СПб. : Питер, 2006. — 416 p. — ISBN 5-469-01233-6.
Banks G. SNOOZE: toward a Stateful NetwOrk prOtocol fuzZEr / G. Banks, M. Cova, V. Felmetsger, K. Almeroth, R. Kemmerer, G. Vigna // Proceedings of the Information Security Conference (ISC). — [New York, NY, USA] : Springer, 2006. — P. 343–358.
Sen K. CUTE: A concolic unit testing engine for C / K. Sen, D. Marinov, G. Agha // ESEC/FSE-13: Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering. — 2005. — P. 263–272.
Godefroid P. DART: directed automated random testing / P. Godefroid, N. Klarlund, K. Sen // PLDI ’05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation. — 2005. — P. 213–223.
Cadar C. EXE: Automatically generating inputs of death / C. Cadar, V. Ganesh, P. M. Pawlowski, D. L. Dill, D. R. Engler // Proceedings of the 13th ACM conference on Computer and communications security (CCS’06). — 2006. — P. 322–335.
Godefroid P. Automated whitebox fuzz testing / P. Godefroid, M. Levin, D. Molnar // Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS’08). — [San Diego, CA, USA], 2008.
Cadar C. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs / C. Cadar, D. Dunbar, D. Engler // USENIX Symposium on Operating Systems Design and Implementation (OSDI’08). — [San Diego, CA, USA], 2008.
Molnar D. Dynamic test generation to find integer bugs in x86 binary Linux programs / D. Molnar, X. C. Li, D. A. Wagner // Proceedings of the 18th USENIX Security Symposium. — 2009.
Godefroid P. Grammar-based whitebox fuzzing / P. Godefroid, A. Kiezun, M. Y. Levin // Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’08). — [USA] : ACM, 2008.
Majumdar R. Directed test generation using symbolic grammars / R. Majumdar, R.-G. Xu // ESEC-FSE companion’07: The 6th Joint Meeting on European software engineering conference and the ACM SIGSOFT symposium on the foundations of software engineering. — [New York, NY, USA] : ACM, 2007. — P. 553–556.
Test case [Electronic resource] / [Wikipedia contributors] // Wikipedia : The Free Encyclopedia. — Electronic data. — San Francisco : Wikimedia Foundation, 2010. — Mode of access: World Wide Web. — URL: http://en.wikipedia.org/w/index.php?title=Test_case&oldid=398287802. — Title from screen. — Description based on version dated 2010 November 22.
Newsome J. Replayer: Automatic protocol replay by binary analysis / J. Newsome, D. Brumley, J. Franklin, D. Song // Proceedings of the 13th ACM Conference on Computer and Communications Security. — 2006.
Sharif M. Impeding malware analysis using conditional code obfuscation / M. Sharif, A. Lanzi, J. Giffin, W. Lee // Proceedings of the 15th Annual Network and Distributed System Security Symposium. — [San Diego, CA, USA], 2008.
Brumley D. Automatic patch-based exploit generation is possible: Techniques and implications / D. Brumley, P. Poosankam, D. Song, J. Zheng // Proceedings of the 2008 IEEE Symposium on Security and Privacy. — 2008.
Taint checking [Electronic resource] / [Wikipedia contributors] // Wikipedia : The Free Encyclopedia. — Electronic data. — San Francisco : Wikimedia Foundation, 2010. — Mode of access: World Wide Web. — URL: http://en.wikipedia.org/w/index.php?title=Taint_checking&oldid=383882171. — Title from screen. — Description based on version dated 2010 September 9.
Sabelfeld A. Language-based information-flow security / A. Sabelfeld, A. C. Myers // IEEE Journal on Selected Areas in Communications. — 2003.
Terauchi T. Secure information flow as a safety problem / T. Terauchi, A. Aiken // 12th International Static Analysis Symposium. — 2005.
Ganesh V. Taint-based directed whitebox fuzzing / V. Ganesh, T. Leek, M. Rinard // Proceedings of the 31st International Conference on Software Engineering (ICSE’09). — [New York, NY, USA] : ACM, 2009. — P. 474–484.
Wang T. TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection / T. Wang, T. Wei, G. Gu, W. Zou // 2010 IEEE Symposium on Security and Privacy. — P. 497–512. — DOI: 10.1109/SP.2010.37.
Drewry W. Flayer: Exposing Application Internals / W. Drewry, T. Ormandy // First Workshop On Offensive Technologies (WOOT). — 2007.
Nethercote N. Valgrind: a framework for heavyweight dynamic binary instrumentation / N. Nethercote, J. Seward // PLDI ’07: Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation. — [New York, NY, USA] : ACM, 2007. — P. 89–100.
Moser A. Exploring multiple execution paths for malware analysis / A. Moser, C. Kruegel, E. Kirda // SP’07: Proceedings of the 2007 IEEE Symposium on Security and Privacy. — [Washington, DC, USA] : IEEE Computer Society, 2007. — P. 231–245.
Wilhelm J. A forced sampled execution approach to kernel rootkit identification / J. Wilhelm, Tzi-cker Chiueh // 10th International Symposium on Recent Advances in Intrusion Detection (RAID’07). — 2007. — P. 219–235.
Ormandy T. Making Software Dumberer [Electronic resource] / T. Ormandy. — Electronic data. — [Mountain View, California, USA] : Google, 2010. — Mode of access: World Wide Web. — URL: http://taviso.decsystem.org/making_software_dumber.pdf. — Title from screen.
Comparetti P. M. Prospex: Protocol specification extraction / P. M. Comparetti, G. Wondracek, C. Kruegel, E. Kirda // IEEE Symposium on Security and Privacy. — [USA] : IEEE Computer Society Press, 2009.
Cui W. Tupni: automatic reverse engineering of input formats / W. Cui, M. Peinado, K. Chen, H. J. Wang, L. Irun-Briz // CCS ’08: Proceedings of the 15th ACM conference on Computer and communications security. — [New York, NY, USA] : ACM, 2008. — P. 391–402.
Lin Z. Automatic protocol format reverse engineering through context-aware monitored execution / Z. Lin, X. Jiang, D. Xu, X. Zhang // Proceedings of the 15th Annual Network and Distributed System Security Symposium. — [San Diego, CA, USA], 2008.
Caballero J. Polyglot: Automatic extraction of protocol message format using dynamic binary analysis / J. Caballero, H. Yin, Z. Liang, D. Song // Proceedings of ACM Conference on Computer and Communication Security. — 2007.
Cui W. Discoverer: Automatic protocol reverse engineering from network traces / W. Cui, J. Kannan, H. J. Wang // Proceedings of the 16th USENIX Security Symposium. — 2007.
Junghee J. L. Extracting output formats from executables / J. L. Junghee, T. Reps, B. Liblit // Working Conference on Reverse Engineering. — 2006. — P. 167–178.
Lin Z. Convicting exploitable software vulnerabilities: An efficient input provenance based approach / Z. Lin, X. Zhang, D. Xu // Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN-DCCS 2008). — [Anchorage, Alaska, USA], 2008.
Wondracek G. Automatic network protocol analysis / G. Wondracek, P. M. Comparetti, C. Kruegel, E. Kirda // 16th Network & Distributed System Security Symposium. — 2008.
License
The scientific journal adheres to the principles of Open Access and provides free, immediate, and permanent access to all published materials without financial, technical, or legal barriers for readers.
All articles are published in Open Access under the Creative Commons Attribution 4.0 International (CC BY 4.0) license.
Copyright
Authors who publish their works in the journal:
- retain the copyright to their publications;
- grant the journal the right of first publication of the article;
- agree to the distribution of their materials under the CC BY 4.0 license;
- have the right to reuse, archive, and distribute their works (including in institutional and subject repositories), provided that proper reference is made to the original publication in the journal.