QSYM - A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing

USENIX via YouTube

Classroom Contents
  1. Intro
  2. Two popular ways to find security bugs: Fuzzing & Concolic execution
  3. Fuzzing and Concolic execution have their own pros and cons
  4. Hybrid fuzzing can address their problems
  5. Hybrid fuzzing has achieved great success in small-scale study
  6. However, current hybrid fuzzing suffers from problems to scale to real-world applications
  7. Our system, QSYM, addresses these issues by introducing several key ideas
  8. Overview: Hybrid fuzzing in general
  9. Intermediate representations (IR) are good to make implementations easier
  10. Execute instructions directly without using intermediate layer
  11. QSYM reduces the number of instructions to execute symbolically
  12. State forking can reduce re-execution overhead for constraint generation
  13. Re-execute to use concrete environment instead of kernel state forking
  14. Models minimal system calls and uses concrete values
  15. Incomplete constraints
  16. Solve constraints optimistically
  17. Our decision: Solve only the last constraint in the path
  18. In hybrid fuzzing, generating incorrect inputs is fine due to fuzzing
  19. Evaluation questions
  20. QSYM scales to real-world software
  21. QSYM can generate test cases that fuzzing is hard to find
  22. Compare QSYM with Driller, a state-of-the-art hybrid fuzzing
  23. QSYM achieved more code coverage due to its better performance
  24. Driller achieved more code coverage if nested branches exist
