CONFUZZION: A Java Virtual Machine Fuzzer for Type Confusion Vulnerabilities

Bonnaventure, William; KHANFIR, Ahmed; BARTEL, Alexandre; PAPADAKIS, Mike; LE TRAON, Yves

Télécharger

Communication publiée dans un ouvrage (Colloques, congrès, conférences scientifiques et actes)

CONFUZZION: A Java Virtual Machine Fuzzer for Type Confusion Vulnerabilities

Bonnaventure, William; KHANFIR, Ahmed; BARTEL, Alexandre et al.

2021 • In IEEE International Conference on Software Quality, Reliability, and Security (QRS), 2021

Peer reviewed

Permalien
https://hdl.handle.net/10993/48983

Documents (1)Envoyer vers Détails Statistiques Bibliographie Publications similaires

Documents

Texte intégral

ConfuzzionPaper-QRS.pdf

Postprint Éditeur (258.49 kB)

Télécharger

Tous les documents dans ORBilu sont protégés par une licence d'utilisation.

Envoyer vers

RIS BibTex APA Chicago Permalink X Linkedin

Détails

Disciplines :

Sciences informatiques

Auteur, co-auteur :

Bonnaventure, William

KHANFIR, Ahmed ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SerVal

BARTEL, Alexandre ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)

PAPADAKIS, Mike ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > Computer Science and Communications Research Unit (CSC)

LE TRAON, Yves ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > SerVal

Co-auteurs externes :

yes

Langue du document :

Anglais

Titre :

CONFUZZION: A Java Virtual Machine Fuzzer for Type Confusion Vulnerabilities

Date de publication/diffusion :

2021

Nom de la manifestation :

IEEE International Conference on Software Quality, Reliability, and Security (QRS), 2021

Date de la manifestation :

6-12-21 to 9-12-21

Titre de l'ouvrage principal :

IEEE International Conference on Software Quality, Reliability, and Security (QRS), 2021

Peer reviewed :

Peer reviewed

Projet FnR :

FNR12630949 - Software Testing In A Fast, Clever And Effective Way, 2018 (01/01/2019-30/09/2022) - Yves Le Traon

Disponible sur ORBilu :

depuis le 13 décembre 2021

Statistiques

Nombre de vues

267 (dont 25 Unilu)

Nombre de téléchargements

687 (dont 26 Unilu)

Voir plus de statistiques

citations Scopus^®

citations Scopus^®
sans auto-citations

Bibliographie

"CVE-2014-0456." Available from MITRE, CVE-ID CVE-2014-0456, Dec. 12 2013, https://cve.mitre.org/cgi-bin/cvename.cginame= CVE-2014-0456.
"CVE-2015-4843." Available from MITRE, CVE-ID CVE-2015-4843, Jun. 24 2015, https://cve.mitre.org/cgi-bin/cvename.cginame= CVE-2015-4843.
"CVE-2016-3587." Available from MITRE, CVE-ID CVE-2016-3587, Mar. 17 2016, https://cve.mitre.org/cgi-bin/cvename.cginame= CVE-2016-3587.
"CVE-2017-3272." Available from MITRE, CVE-ID CVE-2017-3272, Dec. 06 2016, https://cve.mitre.org/cgi-bin/cvename.cginame= CVE-2017-3272.
"CVE-2018-2826." Available from MITRE, CVE-ID CVE-2018-2826, Dec. 15 2017, https://cve.mitre.org/cgi-bin/cvename.cginame= CVE-2018-2826.
A. Bartel and J. Doe, "Twenty years of escaping the java sandbox," Phrack, 2018, http://www.phrack.org/papers/escaping-the-java-sandbox.html.
M. Zalewski, "American fuzzy lop," http://lcamtuf.coredump.cx/afl/, 2017.
G. Klees, A. Ruef, B. Cooper, S. Wei, and M. Hicks, "Evaluating fuzz testing," in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2018, pp. 2123-2138.
P. Chen and H. Chen, "Angora: Efficient fuzzing by principled search," in 2018 IEEE Symposium on Security and Privacy, 2018.
J. Corina, A. Machiry, C. Salls, Y. Shoshitaishvili, S. Hao, C. Kruegel, and G. Vigna, "Difuze: Interface aware fuzzing for kernel drivers," in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2017, pp. 2123-2138.
I. Haller, A. Slowinska, M. Neugschwandtner, and H. Bos, "Dowsing for overflows: A guided fuzzer to find buffer boundary violations," in Proceedings of the 22Nd USENIX Conference on Security, ser. SEC'13. Berkeley, CA, USA: USENIX Association, 2013, pp. 49-64.
C. Lemieux and K. Sen, "Fairfuzz: Targeting rare branches to rapidly increase greybox fuzz testing coverage," CoRR, vol. abs/1709.07101, 2017. [Online]. Available: http://arxiv.org/abs/1709.07101
S. Groß, "Fuzzil: Coverage guided fuzzing for javascript engines," Master's thesis, Karlsruhe Institute of Technology, 2018.
R. Padhye, C. Lemieux, and K. Sen, "Jqf: Coverage-guided propertybased testing in java," in Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis, 2019.
R. Kersten, K. S. Luckow, and C. S. Pasareanu, "Poster: Afl-based fuzzing for java with kelinci," in ACM Conference on Computer and Communications Security, 2017.
J. Judin, "Java-afl," https://github.com/Barro/java-afl, 2019.
R. Padhye, C. Lemieux, K. Sen, M. Papadakis, and Y. L. Traon, "Zest: Validity fuzzing and parametric generators for effective random testing," CoRR, vol. abs/1812.00078, 2018.
Y. Chen, T. Su, C. Sun, Z. Su, and J. Zhao, "Coverage-directed differential testing of jvm implementations," in proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2016, pp. 85-99.
Y. Chen, T. Su, and Z. Su, "Deep differential testing of jvm implementations," in 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE). IEEE, 2019, pp. 1257-1268.
J. Chen, J. Patra, M. Pradel, Y. Xiong, H. Zhang, D. Hao, and L. Zhang, "A survey of compiler testing," ACM Comput. Surv., vol. 53, no. 1, pp. 4:1-4:36, 2020. [Online]. Available: https://doi.org/10.1145/3363562
M. Jimenez, R. Rwemalika, M. Papadakis, F. Sarro, Y. L. Traon, and M. Harman, "The importance of accounting for real-world labelling when predicting software vulnerabilities," in Proceedings of the ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/SIGSOFT FSE 2019, Tallinn, Estonia, August 26-30, 2019, M. Dumas, D. Pfahl, S. Apel, and A. Russo, Eds. ACM, 2019, pp. 695-705. [Online]. Available: https://doi.org/10.1145/3338906.3338941
S. Bekrar, C. Bekrar, R. Groz, and L. Mounier, "Finding software vulnerabilities by smart fuzzing," in 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation. IEEE, 2011, pp. 427-430.
G. Fraser and A. Arcuri, "Handling test length bloat," Software Testing, Verification and Reliability, vol. 23, no. 7, pp. 553-582, 2013.
R. Vallee-Rai and L. J. Hendren, "Jimple: Simplifying java bytecode for analyses and transformations." Citeseer, 1998.
P. Lam, E. Bodden, O. Lhoták, and L. Hendren, "The soot framework for java program analysis: a retrospective," in Cetus Users and Compiler Infastructure Workshop (CETUS 2011), vol. 15, 2011, p. 35.
J. Bernoulli, Ars conjectandi, opus posthumum: accedit tractatus de seriebus infinitis, et epistola Gallice scripta de ludo pilae reticularis. Impensis Thurnisiorum Fratrum, 1713.
A. Householder and J. Foote, "Probability-based parameter selection for black-box fuzz testing," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA, Tech. Rep. CMU/SEI-2012-TN-019, 2012.
B. Meyer, "Applying'design by contract'," Computer, vol. 25, no. 10, pp. 40-51, 1992.
C. Pacheco, S. K. Lahiri, M. D. Ernst, and T. Ball, "Feedback-directed random test generation," Proceedings-International Conference on Software Engineering, pp. 75-84, 2007.
G. Fraser and A. Arcuri, "EvoSuite," Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering-SIGSOFT/FSE '11, no. September 2011, p. 416, 2011.
A. Sakti, G. Pesant, and Y. G. Guéhéneuc, "Instance generator and problem representation to improve object oriented code coverage," IEEE Transactions on Software Engineering, vol. 41, no. 3, 2015.
I. S. Prasetya, "Budget-aware random testing with T3: Benchmarking at the SBST2016 testing tool contest," Proceedings-9th International Workshop on Search-Based Software Testing, SBST 2016, pp. 29-32, 2016.
M. M. Almasi, H. Hemmati, G. Fraser, A. Arcuri, and J. Benefelds, "An industrial evaluation of unit test generation: Finding real faults in a financial application," Proceedings-2017 IEEE/ACM 39th International Conference on Software Engineering: Software Engineering in Practice Track, ICSE-SEIP 2017, pp. 263-272, 2017.
S. Shamshiri, R. Just, J. M. Rojas, G. Fraser, P. McMinn, and A. Arcuri, "Do automatically generated unit tests find real faults An empirical study of effectiveness and challenges," Proceedings-2015 30th IEEE/ACM International Conference on Automated Software Engineering, ASE 2015, pp. 201-211, 2016.
"Junit." [Online]. Available: https://junit.org/
"Oracle jdeps." [Online]. Available: https://docs.oracle.com/javase/9/ tools/jdeps.htm
B. Evans, "Understanding java jit compilation with jitwatch, part 1," https://www.oracle.com/technical-resources/articles/java/ architect-evans-pt1.html, 2014.
OpenJDK, "Hotspot glossary of terms," http://openjdk.java.net/groups/ hotspot/docs/HotSpotGlossary.html, 2006.
Y. Liang and L. Yansheng, "An incremental compilation algorithm for the java programming language," in 2012 7th International Conference on Computer Science Education (ICCSE), 2012, pp. 1121-1124.
C. Pacheco and M. D. Ernst, "Randoop: feedback-directed random testing for java," in Companion to the 22nd ACM SIGPLAN conference on Object-oriented programming systems and applications companion, 2007, pp. 815-816.
K. Yatoh, K. Sakamoto, F. Ishikawa, and S. Honiden, "Feedbackcontrolled random test generation," in Proceedings of the 2015 International Symposium on Software Testing and Analysis, ser. ISSTA 2015. New York, NY, USA: ACM, 2015, pp. 316-326.
T. Yoshikawa, K. Shimura, and T. Ozawa, "Random program generator for java jit compiler test system," in Third International Conference on Quality Software, 2003. Proceedings. IEEE, 2003, pp. 20-23.
J. Chen, G. Wang, D. Hao, Y. Xiong, H. Zhang, and L. Zhang, "History-guided configuration diversification for compiler test-program generation," in 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE, 2019, pp. 305-316.
J. Chen, W. Hu, D. Hao, Y. Xiong, H. Zhang, L. Zhang, and B. Xie, "An empirical comparison of compiler testing techniques," in Proceedings of the 38th International Conference on Software Engineering, 2016, pp. 180-190.
J. Regehr, Y. Chen, P. Cuoq, E. Eide, C. Ellison, and X. Yang, "Testcase reduction for c compiler bugs," ACM SIGPLAN Notices, vol. 47, pp. 335-346, 08 2012.
X. Yang, Y. Chen, E. Eide, and J. Regehr, "Finding and understanding bugs in c compilers," ACM SIGPLAN Notices, vol. 47, p. 283, 08 2012.
A. Boujarwah and K. Saleh, "Compiler test case generation methods: A survey and assessment," Information and Software Technology, vol. 39, pp. 617-625, 09 1997.
Q. Zhang, C. Sun, and Z. Su, "Skeletal program enumeration for rigorous compiler testing," in Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2017, pp. 347-361.
J. Chen, G. Wang, D. Hao, Y. Xiong, H. Zhang, L. Zhang, and B. XIE, "Coverage prediction for accelerating compiler testing," IEEE Transactions on Software Engineering, vol. PP, pp. 1-1, 12 2018.
J. Chen, J. Han, P. Sun, L. Zhang, D. Hao, and L. Zhang, "Compiler bug isolation via effective witness test program generation," in Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019, pp. 223-234.
C. Lidbury, A. Lascu, N. Chong, and A. F. Donaldson, "Many-core compiler fuzzing," ACM SIGPLAN Notices, vol. 50, no. 6, pp. 65-76, 2015.