Overview
Syllabus
Intro
$ Android is everywhere!!
$ Bugs in Android (First Half of 2017)..
$ Okay! Why is it hard to find these bugs?
$ Static Analysis: Existing tools
$ Ideal Static analysis tool
$ Tracking user data: pointer analysis
$ Kernel drivers are small!!
$ DR.CHECKER: Story of the name
$ DR.CHECKER Overview
$ DR.CHECKER: SDTraversal
$ DR.CHECKER: Vulnerability Detectors
$ DR.CHECKER: Bue in Mediatek Accdet driver
$ DR.CHECKER: Bug in Samsung SensorHub drive
$ DR.CHECKER: Open Source and Dockerized
$ DR.CHECKER is not enough!!
$ Dynanic Analysis: Fuzzing!!
$ Fuzzing: Good Luck!!
$ Fuzzing: Highly constrained input
$ Drivers Expect Highly structured input
$ Bugs are hard to trigeer
$ DIFUZE: Idea
$ DIFUZE: Overview
$ DIFUZE: Interface Recovery
$ DIFUZE: Structure Generation
$ DIFUZE: On Device Execution
$ DIFUZE: Evaluation
$ DIFUZE: Bug Types
$ DIFUZE: Open Source
$ In Progress: drchecker.io
$ Tracking user data: Taint Propagation
Taught by
nullcon