New Research Talk: Repurposing Systems Techniques for Kernel Driver Fuzzing

Name: New Research Talk: Repurposing Systems Techniques for Kernel Driver Fuzzing
Start: 2023-09-12T18:00:00+02:00
End: 2023-09-12T20:00:00+02:00
Location: SBA Research

Hosted by Nicolas P.

OWASP Chapter Vienna (fromer SBA Security Meetup)

Details

# This meeting is organized as an on-site event only.

Talk: Repurposing Systems Techniques for Kernel Driver Fuzzing

Vulnerabilities in kernel-mode device drivers (henceforth "kernel drivers") continue to pose a substantial threat to OS kernel security. In this talk, I will present three system-level solutions we developed to make kernel driver fuzzing more effective, more efficient, or both. I will first introduce PeriScope (appeared at NDSS 2019), a solution that enables fuzzing the peripheral interface of kernel drivers. I will explain how CPU-side page faults can be repurposed to fuzz the peripheral input interface of PCI drivers and find bugs. Next, I will present Agamotto (USENIX Security 2020), a virtual machine checkpoint-restore technique repurposed to accelerate kernel driver fuzzing. Finally, I will present ReUSB (USENIX Security 2023), our systems solution that uses accurate record-and-replay to make USB driver fuzzing significantly more effective. I will explain how the traditional record-and-replay technique can be synergistically combined with fuzzing to find deeper bugs. I will conclude the talk by unifying the three solutions under a common theme of "repurposing systems techniques for kernel driver fuzzing".

Speaker & Details:

Dokyung Song (Assistant Professor at Yonsei University)

Talk language: English

On-site event only!: Floragasse 7, 1040 Vienna (5. floor)

About the Speaker: Dokyung Song

*********************

I am an Assistant Professor in the Department of Computer Science in College of Computing at Yonsei University, and the director of Yonsei University’s Cyber Security Lab. I am also the faculty advisor of the Yonsei Security Club. Prior to joining Yonsei University, I was a Post-Doctoral Scholar working with Michael Franz in Secure Systems Lab at University of California, Irvine. I received my Ph.D. and M.S. degree from the department of Computer Science at UC Irvine, and my B.S. degree from the department of Electrical and Computer Engineering at Seoul National University. My research interest lies in understanding and finding security vulnerabilities in systems software.

Agenda

*********

17:55: Gathering

18:15: Talk: “Repurposing Systems Techniques for Kernel Driver Fuzzing”

19:00: Q&A

Looking forward to seeing you there!

Events in Wien

Web Security

Mobile Technology

Software Development

Web Development

Web Technology

New Research Talk: Repurposing Systems Techniques for Kernel Driver Fuzzing

OWASP Chapter Vienna (fromer SBA Security Meetup)

Details

Members are also interested in