Using Concolic Testing to Refine Vulnerability Profiles in FUZZBUSTER

Vulnerabilities in today’s computer systems are relentlessly exploited by cyber attackers armed with sophisticated vulnerability search and exploit development toolkits. To protect against such threats, we are developing FUZZBUSTER, an automated system that provides adaptive immunity against a wide variety of cyber threats. FUZZBUSTER uses custom and off-the-shelf fuzz-testing tools to find vulnerabilities, create vulnerability profiles identifying the inputs that drive target programs to the corresponding faults, and synthesize adaptations that prevent future exploits. We have adapted the CREST concolic testing tool so that FUZZBUSTER can refine a vulnerability profile by extracting the symbolic constraints stemming from concrete execution of a target program. This novel use of concolic testing enables FUZZBUSTER to automatically generalize a single fault-inducing input example into a symbolic description of the vulnerability, and thus create more effective adaptations.

Musliner, D. J., Rye, J. M., and Marble, T. Using Concolic Testing to Refine Vulnerability Profiles in FUZZBUSTER. SASO-12: Adaptive Host and Network Security Workshop at the Sixth IEEE International Conference on Self-Adaptive and Self-Organizing Systems, Lyon, France (September 2012).
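A minimal sketch of the idea in the abstract, added here as an illustration: one fault-inducing input is executed concretely while the branch conditions it passes are recorded, and the resulting path constraints act as a profile that matches other inputs reaching the same fault. This is not FUZZBUSTER or CREST code; the target parse_record, its fields and every helper name are constructed for the example.

```python
# Added illustration; not FUZZBUSTER or CREST code. All names are hypothetical.
import operator

OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
       ">=": operator.ge, "==": operator.eq, "!=": operator.ne}
NEG = {"<": ">=", "<=": ">", ">": "<=", ">=": "<", "==": "!=", "!=": "=="}

class Sym:
    """Concrete int paired with the name of the input field it came from."""
    trace = []  # path constraints recorded during the current run

    def __init__(self, name, value):
        self.name, self.value = name, value

    def _branch(self, op, const):
        taken = OPS[op](self.value, const)
        # Record the condition that actually held on this concrete run.
        Sym.trace.append((self.name, op if taken else NEG[op], const))
        return taken

    def __lt__(self, c): return self._branch("<", c)
    def __le__(self, c): return self._branch("<=", c)
    def __gt__(self, c): return self._branch(">", c)
    def __ge__(self, c): return self._branch(">=", c)
    def __eq__(self, c): return self._branch("==", c)
    def __ne__(self, c): return self._branch("!=", c)

BUF_SIZE = 16

def parse_record(tag, length):
    """Constructed target: a type-0x7F record longer than the buffer faults."""
    if tag != 0x7F:
        return "ignored"
    if length <= BUF_SIZE:
        return "ok"
    raise MemoryError("simulated overflow")

def profile_from(inp):
    """Run the target on one concrete input; return its path constraints if it faults."""
    Sym.trace = []
    try:
        parse_record(Sym("tag", inp["tag"]), Sym("length", inp["length"]))
    except MemoryError:
        return list(Sym.trace)
    return None  # no fault, so nothing to profile

def matches(profile, inp):
    """True when a plain input satisfies every constraint in the profile."""
    return all(OPS[op](inp[name], const) for name, op, const in profile)
```

Profiling the single constructed input tag=0x7F, length=200 yields the constraints tag == 127 and length > 16, so a filter built from the profile also rejects length=17 while still admitting length=16.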