MemLock: Memory Usage Guided Fuzzing

Cheng Wen; Haijun Wang; Yuekang Li; Shengchao Qin; Yang Liu; Zhiwu Xu; Hongxu Chen; Xiaofei Xie; GeGuang  Pu; Ting Liu

doi:10.1145/3377811.3380396

MemLock: Memory Usage Guided Fuzzing

Cheng Wen, Haijun Wang, Yuekang Li, Shengchao Qin, Yang Liu, Zhiwu Xu, Hongxu Chen, Xiaofei Xie, GeGuang Pu, Ting Liu

Centre for Digital Innovation

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

82 Downloads (Pure)

Abstract

Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.

Original language	English
Title of host publication	42nd International Conference on Software Engineering (ICSE 2020)
Publisher	ACM
Number of pages	13
ISBN (Electronic)	9781450371216
DOIs	https://doi.org/10.1145/3377811.3380396
Publication status	Accepted/In press - 1 May 2020
Event	42nd International Conference on Software Engineering - Seoul, Korea, Republic of Duration: 5 Oct 2020 → 11 Oct 2020 Conference number: ICSE 2020 https://conf.researchr.org/home/icse-2020

Conference

Conference	42nd International Conference on Software Engineering
Country	Korea, Republic of
City	Seoul
Period	5/10/20 → 11/10/20
Internet address	https://conf.researchr.org/home/icse-2020

Access to Document

10.1145/3377811.3380396

Full textAccepted author manuscript, 1.02 MBLicence: CC BY-NC-ND

Fingerprint Dive into the research topics of 'MemLock: Memory Usage Guided Fuzzing'. Together they form a unique fingerprint.

Cite this

Wen, C., Wang, H., Li, Y., Qin, S., Liu, Y., Xu, Z., Chen, H., Xie, X., Pu, G., & Liu, T. (Accepted/In press). MemLock: Memory Usage Guided Fuzzing. In 42nd International Conference on Software Engineering (ICSE 2020) ACM. https://doi.org/10.1145/3377811.3380396

@inproceedings{ac9b7f44c8df4c678afb12401c6ff55a,

title = "MemLock: Memory Usage Guided Fuzzing",

abstract = "Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.",

author = "Cheng Wen and Haijun Wang and Yuekang Li and Shengchao Qin and Yang Liu and Zhiwu Xu and Hongxu Chen and Xiaofei Xie and GeGuang Pu and Ting Liu",

year = "2020",

month = may,

day = "1",

doi = "10.1145/3377811.3380396",

language = "English",

booktitle = "42nd International Conference on Software Engineering (ICSE 2020)",

publisher = "ACM",

note = "42nd International Conference on Software Engineering ; Conference date: 05-10-2020 Through 11-10-2020",

url = "https://conf.researchr.org/home/icse-2020",

}

TY - GEN

T1 - MemLock: Memory Usage Guided Fuzzing

AU - Wen, Cheng

AU - Wang, Haijun

AU - Li, Yuekang

AU - Qin, Shengchao

AU - Liu, Yang

AU - Xu, Zhiwu

AU - Chen, Hongxu

AU - Xie, Xiaofei

AU - Pu, GeGuang

AU - Liu, Ting

N1 - Conference code: ICSE 2020

PY - 2020/5/1

Y1 - 2020/5/1

N2 - Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.

AB - Uncontrolled memory consumption is a kind of critical software security weaknesses. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerability is challenging, as the state-of-the-art fuzzing techniques focus on the code coverage but not memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate the excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information so that our approach is general and does not require any domain knowledge. We perform a thorough evaluation for MemLock on 14 widely-used real-world programs. Our experiment results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.

U2 - 10.1145/3377811.3380396

DO - 10.1145/3377811.3380396

M3 - Conference contribution

BT - 42nd International Conference on Software Engineering (ICSE 2020)

PB - ACM

T2 - 42nd International Conference on Software Engineering

Y2 - 5 October 2020 through 11 October 2020

ER -