Litcius/Paper detail

Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators

Wenjia Zhao, Kangjie Lu, Qiushi Wu, Yong Qi

202215 citationsDOIOpen Access PDF

Abstract

Device drivers are security-critical. In monolithic kernels like Linux, there are hundreds of thousands of drivers which run in the same privilege as the core kernel. Consequently, a bug in a driver can compromise the whole system. More critically, drivers are particularly buggy. First, drivers receive complex and untrusted inputs from not only the user space but also the hardware. Second, the driver code can be developed by less-experienced third parties, and is less tested because running a driver requires the corresponding hardware device or the emulator. Therefore, existing studies show that drivers tend to have a higher bug density and have become a major security threat. Existing testing techniques have to focus the fuzzing on a limited number of drivers that have the corresponding devices or the emulators, thus cannot scale.

Topics & Concepts

Fuzz testingComputer scienceComputer securityProgramming languageSoftwareAutonomous Vehicle Technology and SafetyHuman-Automation Interaction and SafetySoftware Testing and Debugging Techniques
Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators | Litcius