Improving Linux Kernel Fuzzing
In the Linux Kernel project, one of the most rapidly evolving code bases, fuzz testing is a successful approach for vulnerability detection. However, with the high rate of change in the kernel code, testing each change thoroughly becomes a challenge. In this study, we explore various ways to improve the current Linux Kernel testing landscape. We identify and contribute novel ways of leveraging previously discovered crashes in the Linux Kernel; we call the result an enriched corpus. We also investigate aspects of program generation for system call fuzzers using iterative deepening.
We work with state-of-the-art kernel fuzzers such as syzkaller [11] and HEALER [9]. During this research, we identified many new kernel bugs and contribute a new open-source framework for enriching a fuzzer corpus [6]. We also identify challenges in working with corpora, discuss our ongoing experiments, and lay out future areas for research. These findings provide insight into improving the Linux Kernel fuzz testing process for higher system reliability and security.
History
Date
- 2023-05-03
Degree Type
- Master's Thesis
Department
- Information Networking Institute
Degree Name
- Master of Science (MS)