Clinical Pharmacy in a South Indian Government Maternity Hospital

Directed fuzzing focuses on automatically testing specific parts of the code by taking advantage of additional information such as (partial) bug stack trace, patches or risky operations. Key applications include bug reproduction, patch testing and static analysis report verification. Although directed fuzzing has received a lot of attention recently, hard-to-detect vulnerabilities such as Use-After-Free (UAF) are still not well addressed, more especially at the binary level. We propose UAFUZZ, the first (binary-level) directed greybox fuzzer dedicated to UAF bugs. The technique features a fuzzing engine tailored to UAF specifics, a lightweight code instrumentation and an efficient bug triage step. Experimental evaluation for bug reproduction on real cases demonstrates that UAFUZZ significantly outperforms state-of-the-art directed fuzzers in terms of fault detection rate, time to exposure and bug triaging. UAFUZZ has also been proven effective in patch testing, leading to the discovery of 20 new bugs in Perl, GPAC and GNU Patch (including a buggy patch) -all of them have been acknowledged and 14 have been fixed. Last but not least, we provide to the community the first fuzzing benchmark dedicated to UAF, built on both real codes and real bugs.

show abstract

Towards Systematic and Dynamic Task Allocation for Collaborative Parallel Fuzzing

Pham

Nguyen

et al. 2021

View full text Add to dashboard Cite

Towards improving explainability, resilience and performance of cybersecurity analysis of 5G/IoT networks (work-in-progress paper)

Nguyen

Cavalli

et al. 2022

View full text Add to dashboard Cite

Artificial Intelligence (AI) is envisioned to play a critical role in controlling and orchestrating 5G/IoT networks and their applications, thanks to its capabilities to recognize abnormal patterns in complex situations and produce accurate decisions. However, AI models are vulnerable to adversarial attacks, thus the societal view is far from trustworthy as to its usage in safety critical areas relying on 5G/IoT networks. In this paper, we present ongoing work being done in the H2020 SPATIAL project that targets developing and evaluating AI-based modules for anomaly detection and Root Cause Analysis in the 5G/IoT context regarding different criteria, such as explainability, resilience and performance on a real 5G/IoT testbed.

show abstract

Study on Adversarial Attacks Techniques, Learning Methods and Countermeasures: Application to Anomaly Detection

Bouaziz

Nguyen

Valdés

et al. 2023

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Manh-Dung Nguyen

Directed Greybox Fuzzing

Semantic program repair using a reference implementation

Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities

Towards Systematic and Dynamic Task Allocation for Collaborative Parallel Fuzzing

Towards improving explainability, resilience and performance of cybersecurity analysis of 5G/IoT networks (work-in-progress paper)

Study on Adversarial Attacks Techniques, Learning Methods and Countermeasures: Application to Anomaly Detection

Contact Info

Product

Resources

About