Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
5-2020
Abstract
Uncontrolled memory consumption is a critical class of software security weakness. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerabilities is challenging, as state-of-the-art fuzzing techniques focus on code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate inputs that consume excessive memory and trigger uncontrolled memory consumption bugs. The fuzzing process is guided by memory consumption information, so our approach is general and does not require any domain knowledge. We perform a thorough evaluation of MemLock on 14 widely-used real-world programs. Our experimental results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.
Keywords
Fuzz Testing, Software Vulnerability, Memory Consumption
Discipline
OS and Networks | Software Engineering
Research Areas
Software and Cyber-Physical Systems
Publication
Proceedings of the 42nd International Conference on Software Engineering, Seoul, South Korea, 2020, May 23-29
First Page
765
Last Page
777
ISBN
9781450371216
Identifier
10.1145/3377811.3380396
Publisher
Association for Computing Machinery
City or Country
Seoul, South Korea
Citation
WEN, Cheng; WANG, Haijun; LI, Yuekang; QIN, Shengchao; LIU, Yang; XU, Zhiwu; CHEN, Hongxu; XIE, Xiaofei; PU, Geguang; and LIU, Ting.
MemLock: Memory usage guided fuzzing. (2020). Proceedings of the 42nd International Conference on Software Engineering, Seoul, South Korea, 2020, May 23-29. 765-777.
Available at: https://ink.library.smu.edu.sg/sis_research/7081
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.