MemLock: Memory Usage Guided Fuzzing

Cheng Wen; Haijun Wang; Yuekang Li; Shengchao Qin; Yang Liu; Zhiwu Xu; Hongxu Chen; Xiaofei Xie; GeGuang  Pu; Ting Liu

doi:10.1145/3377811.3380396

MemLock: Memory Usage Guided Fuzzing

Cheng Wen, Haijun Wang, Yuekang Li, Shengchao Qin, Yang Liu, Zhiwu Xu, Hongxu Chen, Xiaofei Xie, GeGuang Pu, Ting Liu

Centre for Digital Innovation

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

495 Downloads (Pure)

Abstract

Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.

Original language	English
Title of host publication	Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020
Publisher	ACM
Pages	765-777
Number of pages	13
ISBN (Electronic)	9781450371216
ISBN (Print)	9781450371216
DOIs	https://doi.org/10.1145/3377811.3380396
Publication status	Published - 27 Jun 2020
Event	42nd International Conference on Software Engineering - Seoul, Korea, Republic of Duration: 5 Oct 2020 → 11 Oct 2020 Conference number: ICSE 2020 https://conf.researchr.org/home/icse-2020

Publication series

Name	Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering
ISSN (Print)	0270-5257

Conference

Conference	42nd International Conference on Software Engineering
Country/Territory	Korea, Republic of
City	Seoul
Period	5/10/20 → 11/10/20
Internet address	https://conf.researchr.org/home/icse-2020

Bibliographical note

Funding Information:
This work was supported in part by the National Natural Science Foundation of China under Grants No. 61772347, 61836005, 61972260, 61772408, 61721002, Ant Financial Services Group through Ant Financial Research Program, Guangdong Basic and Applied Basic Research Foundation under Grant No. 2019A1515011577, National Key R&D Program of China under Grant No. 2018YFB0803501.

Publisher Copyright:
© 2020 Association for Computing Machinery.

Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.

Access to Document

10.1145/3377811.3380396

Full textAccepted author manuscript, 1.02 MBLicence: CC BY-NC-ND

Shengchao Qin
- Centre for Digital Innovation
Person: Professorial

Cite this

Wen, C., Wang, H., Li, Y., Qin, S., Liu, Y., Xu, Z., Chen, H., Xie, X., Pu, G., & Liu, T. (2020). MemLock: Memory Usage Guided Fuzzing. In Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020 (pp. 765-777). [3380396] (Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering). ACM. https://doi.org/10.1145/3377811.3380396

@inproceedings{ac9b7f44c8df4c678afb12401c6ff55a,

title = "MemLock: Memory Usage Guided Fuzzing",

abstract = "Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.",

author = "Cheng Wen and Haijun Wang and Yuekang Li and Shengchao Qin and Yang Liu and Zhiwu Xu and Hongxu Chen and Xiaofei Xie and GeGuang Pu and Ting Liu",

note = "Funding Information: This work was supported in part by the National Natural Science Foundation of China under Grants No. 61772347, 61836005, 61972260, 61772408, 61721002, Ant Financial Services Group through Ant Financial Research Program, Guangdong Basic and Applied Basic Research Foundation under Grant No. 2019A1515011577, National Key R&D Program of China under Grant No. 2018YFB0803501. Publisher Copyright: {\textcopyright} 2020 Association for Computing Machinery. Copyright: Copyright 2020 Elsevier B.V., All rights reserved.; 42nd International Conference on Software Engineering ; Conference date: 05-10-2020 Through 11-10-2020",

year = "2020",

month = jun,

day = "27",

doi = "10.1145/3377811.3380396",

language = "English",

isbn = "9781450371216",

series = "Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering",

publisher = "ACM",

pages = "765--777",

booktitle = "Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020",

url = "https://conf.researchr.org/home/icse-2020",

}

Wen, C, Wang, H, Li, Y, Qin, S, Liu, Y, Xu, Z, Chen, H, Xie, X, Pu, G & Liu, T 2020, MemLock: Memory Usage Guided Fuzzing. in Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020., 3380396, Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, ACM, pp. 765-777, 42nd International Conference on Software Engineering, Seoul, Korea, Republic of, 5/10/20. https://doi.org/10.1145/3377811.3380396

MemLock: Memory Usage Guided Fuzzing. / Wen, Cheng; Wang, Haijun; Li, Yuekang et al.

Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020. ACM, 2020. p. 765-777 3380396 (Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - MemLock: Memory Usage Guided Fuzzing

AU - Wen, Cheng

AU - Wang, Haijun

AU - Li, Yuekang

AU - Qin, Shengchao

AU - Liu, Yang

AU - Xu, Zhiwu

AU - Chen, Hongxu

AU - Xie, Xiaofei

AU - Pu, GeGuang

AU - Liu, Ting

N1 - Conference code: ICSE 2020

PY - 2020/6/27

Y1 - 2020/6/27

N2 - Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.

AB - Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.

U2 - 10.1145/3377811.3380396

DO - 10.1145/3377811.3380396

M3 - Conference contribution

SN - 9781450371216

T3 - Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering

SP - 765

EP - 777

BT - Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020

PB - ACM

T2 - 42nd International Conference on Software Engineering

Y2 - 5 October 2020 through 11 October 2020

ER -

MemLock: Memory Usage Guided Fuzzing

Abstract

Publication series

Conference

Bibliographical note

Access to Document

Fingerprint

Profiles

Shengchao Qin

Cite this