TY - GEN
T1 - MemLock
T2 - 42nd ACM/IEEE International Conference on Software Engineering, ICSE 2020
AU - Wen, Cheng
AU - Wang, Haijun
AU - Li, Yuekang
AU - Qin, Shengchao
AU - Liu, Yang
AU - Xu, Zhiwu
AU - Chen, Hongxu
AU - Xie, Xiaofei
AU - Pu, Geguang
AU - Liu, Ting
N1 - Publisher Copyright:
© 2020 Association for Computing Machinery.
PY - 2020/6/27
Y1 - 2020/6/27
N2 - Uncontrolled memory consumption is a kind of critical software security weakness. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerabilities is challenging, as the state-of-the-art fuzzing techniques focus on code coverage but not on memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information, so our approach is general and does not require any domain knowledge. We perform a thorough evaluation of MemLock on 14 widely-used real-world programs. Our experimental results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.
AB - Uncontrolled memory consumption is a kind of critical software security weakness. It can also become a security-critical vulnerability when attackers can take control of the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerabilities is challenging, as the state-of-the-art fuzzing techniques focus on code coverage but not on memory consumption. To this end, we propose a memory usage guided fuzzing technique, named MemLock, to generate excessive memory consumption inputs and trigger uncontrolled memory consumption bugs. The fuzzing process is guided with memory consumption information, so our approach is general and does not require any domain knowledge. We perform a thorough evaluation of MemLock on 14 widely-used real-world programs. Our experimental results show that MemLock substantially outperforms the state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.
UR - http://www.scopus.com/inward/record.url?scp=85091942708&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85091942708&partnerID=8YFLogxK
U2 - 10.1145/3377811.3380396
DO - 10.1145/3377811.3380396
M3 - Conference contribution
AN - SCOPUS:85091942708
T3 - Proceedings - International Conference on Software Engineering
SP - 765
EP - 777
BT - Proceedings - 2020 ACM/IEEE 42nd International Conference on Software Engineering, ICSE 2020
PB - IEEE Computer Society
Y2 - 27 June 2020 through 19 July 2020
ER -