Detail výsledku

Dfuzzer: A D-Bus Service Fuzzing Tool

MARHEFKA, M.; MÜLLER, P. Dfuzzer: A D-Bus Service Fuzzing Tool. In Proceedings of IEEE Seventh International Conference on Software Testing, Verification and Validation Workshopsn. Cleveland: IEEE Computer Society, 2014. p. 383-389. ISBN: 978-0-7695-5194-4.
Typ
článek ve sborníku konference
Jazyk
anglicky
Autoři
Marhefka Matúš, Ing., UITS (FIT)
Müller Petr, Ing., UITS (FIT)
Abstrakt

We present Dfuzzer, a fully automated tool for fuzz testing programs
communicating via D-Bus. D-Bus is the prevalent modern mechanism for an
inter-process communication in the GNU/Linux ecosystem. Using D-Bus introspection, Dfuzzer is able to
acquire the structure of the parameters expected by the target program. It can
then generate ballast data respecting this structure, so the target program
starts using such data incorrectly if it does not carefully validate it. We
have found numerous bugs in various parts of the GNU/Linux operating system,
including GNOME Shell and systemd.

Klíčová slova


D-Bus
fuzzer
fuzz testing
automated testing
pseudo-random data generation
IPC

Rok
2014
Strany
383–389
Sborník
Proceedings of IEEE Seventh International Conference on Software Testing, Verification and Validation Workshopsn
Konference
Seventh IEEE International Conference on Software Testing, Verification and Validation
ISBN
978-0-7695-5194-4
Vydavatel
IEEE Computer Society
Místo
Cleveland
DOI
10.1109/ICSTW.2014.51
UT WoS
000356142700060
EID Scopus
2-s2.0-84903639073
BibTeX 
@inproceedings{BUT111536,
  author="Matúš {Marhefka} and Petr {Müller}",
  title="Dfuzzer: A D-Bus Service Fuzzing Tool",
  booktitle="Proceedings of IEEE Seventh International Conference on Software Testing, Verification and Validation Workshopsn",
  year="2014",
  pages="383--389",
  publisher="IEEE Computer Society",
  address="Cleveland",
  doi="10.1109/ICSTW.2014.51",
  isbn="978-0-7695-5194-4"
}
Projekty
Spolehlivost a bezpečnost v IT, VUT, Vnitřní projekty VUT, FIT-S-14-2486, zahájení: 2014-01-01, ukončení: 2016-12-31, ukončen
Verifikace a optimalizace počítačových systémů, VUT, Vnitřní projekty VUT, FIT-S-12-1, zahájení: 2012-01-01, ukončení: 2014-12-31, ukončen
Výzkumné skupiny
Výzkumná skupina automatizované analýzy a verifikace - VeriFIT (VZ VERIFIT)
Pracoviště
Ústav inteligentních systémů (UITS)
Nahoru