Overview
Explore the innovative approach to fuzzing file systems through two-dimensional input space exploration in this 20-minute conference talk presented at the 2019 IEEE Symposium on Security & Privacy. Delve into the challenges of traditional file system testing methods and discover how JANUS, a groundbreaking feedback-driven fuzzer, addresses these issues. Learn about the unique features of JANUS, including its ability to mutate metadata on large images while generating image-directed file operations, and its use of a library OS for improved bug reproducibility. Examine the impressive results of JANUS when tested on eight file systems, including the discovery of 90 bugs in the upstream Linux kernel and its superior code coverage compared to existing fuzzers. Gain insights into the potential impact of this technique on enhancing file system security and reliability in modern operating systems.
Syllabus
Fuzzing File Systems via Two-Dimensional Input Space Exploration
Taught by
IEEE Symposium on Security and Privacy