Kernel Fuzzing Based on System Call Sequence Learning
    Abstract:

    The operating system kernel is the most fundamental software component in a computer system. It controls and manages computer hardware resources and provides the interfaces and services that other applications need to access and manage them. The security of the operating system kernel directly affects the stability and reliability of the entire computer system. Kernel fuzzing is an efficient and accurate method for detecting security vulnerabilities. However, in current kernel fuzzing work, either the overhead of calculating the relationships between system calls is too high, or those relationships are easily misjudged. In addition, existing methods for constructing system call sequences lack reasonable energy allocation, making it difficult to uncover problems in low-frequency system calls. This study proposes to learn the relationships between system calls with an N-gram model and, based on the frequency and TF-IDF information of system call occurrences, to prioritize the expansion of system calls with low frequency or high TF-IDF values. With minimal overhead, this study achieves coverage increases of 15.8% and 14.7% in 24-hour experiments on Linux versions 4.19 and 5.19, respectively. In addition, one known CVE (CVE-2022-3524) and eight new crashes are discovered, one of which has been assigned a CNNVD identifier (CNNVD-2023-84723975).
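The idea in the abstract can be illustrated with a small sketch. This is an added example, not the paper's implementation: the choice of N=2, the energy formula, the function names and the tiny syscall corpus are all assumptions made for illustration.

```python
import math
import random
from collections import Counter, defaultdict
# Constructed corpus: each list is one seed program's syscall sequence.
CORPUS = [
    ["open", "read", "close"],
    ["open", "write", "close"],
    ["open", "read", "write", "close"],
    ["socket", "bind", "listen", "close"],
    ["open", "ioctl", "close"],
]

def train_bigrams(corpus):
    """model[a][b] = number of times call b directly followed call a."""
    model = defaultdict(Counter)
    for seq in corpus:
        for a, b in zip(seq, seq[1:]):
            model[a][b] += 1
    return model

def tfidf(corpus):
    """Highest TF-IDF of each call, treating every sequence as a document."""
    df = Counter(c for seq in corpus for c in set(seq))
    scores = Counter()
    for seq in corpus:
        for call, n in Counter(seq).items():
            idf = math.log(len(corpus) / df[call])
            scores[call] = max(scores[call], n / len(seq) * idf)
    return scores

def energy(corpus, scores):
    """Assumed weighting (not the paper's): 1/frequency + TF-IDF, always > 0."""
    freq = Counter(c for seq in corpus for c in seq)
    return {c: 1 / freq[c] + scores[c] for c in freq}

def successor_probs(model, weights, last):
    """Bigram counts after `last`, rescaled by energy and normalised."""
    cands = model.get(last) or {c: 1 for c in weights}  # unseen: any known call
    raw = {c: n * weights[c] for c, n in cands.items()}
    total = sum(raw.values())
    return {c: v / total for c, v in sorted(raw.items())}

def extend(seq, model, weights, steps, seed=0):
    """Append `steps` calls to a seed sequence by sampling the biased model."""
    rng, out = random.Random(seed), list(seq)
    for _ in range(steps):
        probs = successor_probs(model, weights, out[-1])
        out.append(rng.choices(list(probs), weights=list(probs.values()))[0])
    return out
```

In this corpus `ioctl` follows `open` in one of four cases (0.25 by raw bigram count), but the energy weighting raises its selection probability to about 0.39, which is the kind of bias toward rarely exercised calls the abstract describes.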

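Citation

Zhang Yang, Fan Junjie, Sun Xiaoshan, Zhang Yingjun, Cheng Liang. Kernel Fuzzing Based on System Call Sequence Learning. Computer Systems & Applications, 2023, 32(9): 19-31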

History
  • Received: February 17, 2023
  • Revised: March 14, 2023
  • Online: July 14, 2023
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-3