{"title":"海报:I/O边界的操作系统独立模糊测试","authors":"Masanori Misono, Takahiro Shinagawa","doi":"10.1145/3460120.3485359","DOIUrl":null,"url":null,"abstract":"Device drivers tend to be vulnerable to errant/malicious devices because many of them assume that devices always operate correctly. If a device driver is compromised either deliberately or accidentally, this can lead to system failure or give adversaries entire system access. Therefore, testing whether device drivers can handle compromised I/O correctly is important. There are several studies on testing device drivers against I/O attacks or device failures. Previous studies, however, either require source code for testing, lack test efficiency, only support a specific OS, or only target MMIO accesses. In this paper, we present a novel testing framework of device drivers' I/O boundaries. By combining a hypervisor-based fault injection mechanism and coverage-guided fuzzing scheme, our testing framework is not only OS-independent but also efficient and can test closed-source drivers. To get the information needed to test without OS cooperation, we use IOMMU to detect DMA regions and a hardware tracing mechanism to get coverage. We describe the detailed design and the current status.","PeriodicalId":135883,"journal":{"name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"POSTER: OS Independent Fuzz Testing of I/O Boundary\",\"authors\":\"Masanori Misono, Takahiro Shinagawa\",\"doi\":\"10.1145/3460120.3485359\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Device drivers tend to be vulnerable to errant/malicious devices because many of them assume that devices always operate correctly. If a device driver is compromised either deliberately or accidentally, this can lead to system failure or give adversaries entire system access. Therefore, testing whether device drivers can handle compromised I/O correctly is important. There are several studies on testing device drivers against I/O attacks or device failures. Previous studies, however, either require source code for testing, lack test efficiency, only support a specific OS, or only target MMIO accesses. In this paper, we present a novel testing framework of device drivers' I/O boundaries. By combining a hypervisor-based fault injection mechanism and coverage-guided fuzzing scheme, our testing framework is not only OS-independent but also efficient and can test closed-source drivers. To get the information needed to test without OS cooperation, we use IOMMU to detect DMA regions and a hardware tracing mechanism to get coverage. We describe the detailed design and the current status.\",\"PeriodicalId\":135883,\"journal\":{\"name\":\"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-11-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3460120.3485359\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3460120.3485359","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
POSTER: OS Independent Fuzz Testing of I/O Boundary
Device drivers tend to be vulnerable to errant/malicious devices because many of them assume that devices always operate correctly. If a device driver is compromised either deliberately or accidentally, this can lead to system failure or give adversaries entire system access. Therefore, testing whether device drivers can handle compromised I/O correctly is important. There are several studies on testing device drivers against I/O attacks or device failures. Previous studies, however, either require source code for testing, lack test efficiency, only support a specific OS, or only target MMIO accesses. In this paper, we present a novel testing framework of device drivers' I/O boundaries. By combining a hypervisor-based fault injection mechanism and coverage-guided fuzzing scheme, our testing framework is not only OS-independent but also efficient and can test closed-source drivers. To get the information needed to test without OS cooperation, we use IOMMU to detect DMA regions and a hardware tracing mechanism to get coverage. We describe the detailed design and the current status.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
