Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS)

Approaches for improving the efficiency of protected OS components fuzzing

https://doi.org/10.15514/ISPRAS-2022-34(4)-2

Abstract

Fuzzing as part of continuous integration is a necessary tool, aimed primarily at providing confidence in the software being developed. At the same time, in the presence of significant amounts of source code, fuzzing becomes a resource-intensive task. That is why increasing the efficiency of fuzzing, so that the needed code sections are reached more quickly without reducing quality, becomes an important line of research. The article deals with approaches to improving the efficiency of fuzzing both for the kernel and for user-space software. On the other hand, on such amounts of program code, static code analysis produces a huge number of warnings about possible errors, and the main resources within this type of analysis are required not to obtain the result but to analytically process it. In this regard, considerable attention in the article is paid to the approach of correlating the results of static and dynamic code analysis using the developed tool, which also makes it possible to implement directed fuzzing in order to confirm the warnings of the static analyzer; this significantly increases the efficiency of testing the components of the protected OS Astra Linux.
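A minimal illustration of the static/dynamic correlation the abstract describes, added here and not the authors' tool: static-analyzer warnings (in a constructed `file:line: CHECKER: message` format) are matched against lcov line coverage collected from the fuzzing corpus, so that warnings on lines the fuzzer never executed become the candidate targets for directed fuzzing. The file paths and warnings are constructed sample data; the coverage text uses the real lcov tracefile records (`SF:`, `DA:`, `end_of_record`).

```python
import re

# Added example, not the authors' tool. Warning format is constructed;
# the coverage text uses the real lcov tracefile records SF:/DA:/end_of_record.
SAMPLE_WARNINGS = """\
src/mac/label.c:120: NULL_DEREF: pointer 'label' may be NULL
src/mac/label.c:205: BUFFER_OVERFLOW: index may exceed bounds
src/fs/xattr.c:44: USE_AFTER_FREE: 'buf' used after kfree
"""
SAMPLE_LCOV = """\
SF:src/mac/label.c
DA:120,7
DA:205,0
end_of_record
SF:src/fs/xattr.c
DA:44,3
end_of_record
"""

WARN_RE = re.compile(r"^(?P<file>[^:]+):(?P<line>\d+): (?P<checker>[A-Z_]+): (?P<msg>.*)$")

def parse_warnings(text):
    """Return a list of (file, line, checker, message) tuples."""
    out = []
    for raw in text.splitlines():
        m = WARN_RE.match(raw.strip())
        if m:
            out.append((m["file"], int(m["line"]), m["checker"], m["msg"]))
    return out

def parse_lcov(text):
    """Return {file: {line: hit_count}} from an lcov tracefile."""
    cov, current = {}, None
    for raw in text.splitlines():
        if raw.startswith("SF:"):
            current = raw[3:]
            cov.setdefault(current, {})
        elif raw.startswith("DA:") and current is not None:
            line, hits = raw[3:].split(",")[:2]   # DA:<line>,<count>[,<checksum>]
            cov[current][int(line)] = int(hits)
        elif raw == "end_of_record":
            current = None
    return cov

def correlate(warnings, cov):
    """Split warnings into those the corpus already reached and those it did not."""
    # Reached warnings can be confirmed or refuted by running the existing corpus
    # under sanitizers; unreached ones are the targets for directed fuzzing.
    reached, unreached = [], []
    for w in warnings:
        hits = cov.get(w[0], {}).get(w[1], 0)
        (reached if hits > 0 else unreached).append(w)
    return reached, unreached
```

Running `correlate(parse_warnings(SAMPLE_WARNINGS), parse_lcov(SAMPLE_LCOV))` on the sample data leaves the `BUFFER_OVERFLOW` warning at line 205 as the only unreached warning, i.e. the one worth steering the fuzzer towards.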

About the Authors

Victoriia Vyacheslavovna EGOROVA
RusBITech-Astra
Russian Federation
Senior Researcher

Alexey Sergeevich PANOV
RusBITech-Astra
Russian Federation
Researcher

Vladimir Yurevich TELEZHNIKOV
RusBITech-Astra
Russian Federation
Ph.D. in Technical Sciences, Head of Research Department

Petr Nikolaevich DEVYANIN
RusBITech-Astra
Russian Federation
Doctor of Technical Sciences, Corresponding Member of the Russian Academy of Cryptography, Professor, Scientific Director at RusBITech-Astra



For citations:

EGOROVA V.V., PANOV A.S., TELEZHNIKOV V.Yu., DEVYANIN P.N. Approaches for improving the efficiency of protected OS components fuzzing. Proceedings of the Institute for System Programming of the RAS (Proceedings of ISP RAS). 2022;34(4):21-34. (In Russ.) https://doi.org/10.15514/ISPRAS-2022-34(4)-2


This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 2079-8156 (Print)
ISSN 2220-6426 (Online)