
Effective Fuzzing: From Noise to SIGSEGV

The term "fuzzing" was coined in the late 1980s as part of a class project at the University of Wisconsin. The goal of the project was to test the reliability of Unix programs by providing randomized inputs and monitoring for abnormal behavior. Since then, fuzzing...


Bibliographic Details
Main author: Denbow, Shawn
Language: eng
Published: 2019
Subjects:
Online access: http://cds.cern.ch/record/2668372
_version_ 1780962166504947712
author Denbow, Shawn
author_facet Denbow, Shawn
author_sort Denbow, Shawn
collection CERN
description The term "fuzzing" was coined in the late 1980s as part of a class project at the University of Wisconsin. The goal of the project was to test the reliability of Unix programs by providing randomized inputs and monitoring for abnormal behavior. Since then, fuzzing has taken off as one of the foremost ways to uncover bugs in software of all forms. In this talk, we'll take a brief tour of the history of fuzzing and look at how it has evolved over time. We'll discuss the various techniques developed over time and learn to apply them in an effective / efficient manner. I'll provide insight into my experiences with fuzzing and finish the presentation with details and a demo of a tool I developed to bring coverage-guided fuzzing to the MS Windows kernel. About the speaker: Shawn Denbow is currently a software engineer in Microsoft's Base Platform Technologies team working. Previously he worked as a security engineer in Microsoft's Platform Security & Vulnerability Research team helping secure Hyper-V. His main interests are application security, reverse engineering and virtualization security. Before joining Microsoft, Shawn spent 4 years in the U.S. Air Force conducting cyber operations.
id cern-2668372
institution Organización Europea para la Investigación Nuclear
language eng
publishDate 2019
record_format invenio
spelling cern-2668372 2022-11-02T22:27:47Z http://cds.cern.ch/record/2668372 eng Denbow, Shawn Effective Fuzzing: From Noise to SIGSEGV CERN Computing Seminar oai:cds.cern.ch:2668372 2019
spellingShingle CERN Computing Seminar
Denbow, Shawn
Effective Fuzzing: From Noise to SIGSEGV
title Effective Fuzzing: From Noise to SIGSEGV
title_full Effective Fuzzing: From Noise to SIGSEGV
title_fullStr Effective Fuzzing: From Noise to SIGSEGV
title_full_unstemmed Effective Fuzzing: From Noise to SIGSEGV
title_short Effective Fuzzing: From Noise to SIGSEGV
title_sort effective fuzzing: from noise to sigsegv
topic CERN Computing Seminar
url http://cds.cern.ch/record/2668372
work_keys_str_mv AT denbowshawn effectivefuzzingfromnoisetosigsegv