PDF-Taint-basedDirectedWhiteboxFuzzingVijayGaneshandTimLeekandMartinRinard

inputisidenticaltooneofthesampleinputsexceptthattheinputbytesthataectthevaluesatoneormoreattackpointshavebeenalteredBydefaultourimplementedBuzzFuzzsystemsetsthesebytestoextremalvalueseglarge. with Dynamic Information Flow Analysis. Mona Attariyan. Jason . Flinn. University of Michigan. Mona Attariyan - University of Michigan. 2. Configuration Troubleshooting Is Difficult. Software systems . A Checksum-Aware Directed fuzzing Tool for Automatic Software Vulnerability Detection. Tielei. Wang. 1. , Tao Wei. 1. , . Guofei. Gu. 2. , Wei Zou. 1. 1. Peking University, China. 2. Texas A&M University, US. (but might have been afraid to ask). IEEE S&P 2010. Overview. Two Main Contributions. Precisely describe the algorithms for dynamic taint analysis and forward symbolic execution as extensions to the run-time semantics of a general language. Edward J. Schwartz, . Thanassis. Avgerinos, David . Brumley. Presented by: . Haitao Xu. 1. The Root of All Evil. Humans write programs. This Talk:. Computers Analyzing Programs Dynamically at Runtime. Chik. . Brenneman. UC Davis Department of Viticulture and Enology. Background. Chemistries of sulfur formation are complex. #%&* Happens. Winemaker Responsibilities. Avoid formation in the first place. Ron Rivest. Crypto in the Clouds Workshop, MIT Rump Session Talk. August 4, 2008. Taint . Common term in software security. Any external input is . tainted. . . A computation with a . tainted. input produces . Suman Jana. Dynamic Taint Analysis. Track information flow through a program at runtime. Identify sources of taint – . “. TaintSeed. ”. What are you tracking?. Untrusted input. Sensitive data. Taint Policy – . BMSB potential impact in hazelnut and berry crops. Vaughn Walton*, Chris . Hedstrom. , . Nik. . Wiman. , Elizabeth . Tomasino. , . Pallavi. . Mohekar. , Betsey Miller, Danny Dalton, . Riki. York . Unlimited Watchpoints. Joseph L. Greathouse. †. , . Hongyi. . Xin. *, . Yixin. . Luo. . †‡. , Todd Austin. †. †. University of Michigan. ‡. Shanghai Jiao. Tong University. *. Carnegie Mellon University. Yinzhi Cao. Reference: . http. ://www.cs.tau.ac.il/~. omertrip/pldi09/TAJ.ppt. www.cs.cmu.edu/~. soonhok/talks/20110301.pdf. 2. Motivating Example. *. * Inspired by . Refl1. in. SecuriBench Micro. Taint Flow #1. Roadmap. Background. TaintDroid. JavaScript. Conclusion. Background. In smartphone, we. . use third-party applications such as . - Google map, Angry bird … . etc. More than 10Billion Apps. Because it’s useful.. Ron Rivest. Crypto in the Clouds Workshop, MIT Rump Session Talk. August 4, . 2009. Taint . Common term in software security. Any external input is . tainted. . . A computation with a . tainted. input produces . App Sets. Will Klieber*, Lori Flynn, . Amar Bhosale , Limin Jia, and Lujo Bauer . Carnegie Mellon University. *presenting. Motivation. Detect malicious apps that leak sensitive data.. Realtime. Privacy. Monitoring On Smartphones. Authors:. William . Enck. The . Pennsylvania State . University . Peter Gilbert Duke University . Byung-Gon. Chun Intel Labs . Landon . P. . Cox Duke University .