[Colloq] Master's Thesis Defense - Francis Adkins - Platform Agnostic Binary Coverage Maximization - April 13, 11am - 166 WVH

Fong, Andy a.fong at neu.edu
Tue Apr 7 10:09:59 EDT 2015 

Author: Frank Adkins
Time: 11:00AM - 12:30PM Monday, April 13th
Location: 166 WVH

Title: Platform Agnostic Binary Coverage Maximization
Abstract:
Software security hinges on the need for developers to find vulnerabilities in their software before malicious users do. However, input test suites are manually intensive to produce and typically fail to exercise every line of the target program. This dilemma generally  prescribes the use of a fuzzer. However, modern techniques often fail to maximize coverage either because they lack the information necessary to make progress or require too much to be practical. In our research, we aim to strike an ideal balance in this spectrum and also to address architectures that are commonly excluded from security research.

In this thesis, we approach the concept of automated test case generation as it pertains to user-controlled input files. Our primary targets are those which consume structured input such as media or compression parsing libraries. Given only a stripped target binary, our goal is to maximize the coverage of that binary by generating a thorough test suite. Utilizing the PANDA platform, we employ taint tracing and branch coverage techniques to drive execution to previously uncovered code.
With these methods, we demonstrate significant increases in code coverage in certain cases and highlight the potential for immediate practical application. Furthermore, we demonstrate prioritization techniques to quickly enhance branch coverage and describe a novel method to retrieve otherwise inextricable information by composing analyses of a target compiled for multiple architectures or at multiple optimization levels.

Thesis Committee:
    Dr. William Robertson
    Dr. Engin Kirda
    Timothy Leek
    Kyle Ingols


Andrew W. Fong
Assistant Director for Graduate Admissions and Enrollment

Northeastern University
College of Computer and Information Science
360 Huntington Avenue
451 West Village H
Boston, MA 02115
617-373-8493
a.fong at neu.edu

More information about the Colloq mailing list