Automated Fault Analysis and Filter Generation for Adaptive Cybersecurity

We are developing the FUZZBUSTER system to automatically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. Adaptive cybersecurity involves efficiently improv- ing software security to minimize the window of attack, and also preserving software functionality as much as possible. This paper presents new tools that have been integrated into FUZZBUSTER adaptive cybersecurity. These tools produce more general, accurate adaptations, increase the efficiency of FUZZBUSTER’s diagnoses and adaptation operations, and preserve the software’s functionality. We report the results of FUZZBUSTER’s analysis of 16 fault-injected command-line binaries and six previously known bugs in the Apache web server. We compare results over different configurations of FUZZBUSTER to characterize the benefits of the new fuzz-testing tools.

David J. Musliner, Scott E. Friedman, Jeffrey M. Rye. (2014). Automated Fault Analysis and Filter Generation for Adaptive Cybersecurity. ADAPTIVE 2014 : The Sixth International Conference on Adaptive and Self-Adaptive Systems and Applications. Venice, Italy. Best Paper Award. - [PDF]