A study report on virtualization technique

Goel, Neha; Gupta, Anshi; Singh, Sanjiv

doi:10.1109/ccaa.2016.7813908

Cited by 5 publications

(2 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…State [1] State [ [3] State [1] State [x] State [1] State [2] State [2] State [2] State [3] New states/branches New states/branches New states/branches New states/branches New states/branches Wireless Communications and Mobile Computing insertion, and segmentation. In order to reduce the memory resource consumption of fuzzing, we only save the changed parts of key structure corresponding to the high-value testcases, not the entire structure (4) Fuzzing front-end.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Framework for State‐Aware Virtual Hardware Fuzzing

Qin

Zhu

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Coverage-based greybox fuzzing has strong capabilities in discovering virtualization software vulnerabilities. Efficiency is one of the most important indicators while evaluating greybox fuzzing. However, the interference of virtual hardware state conditions on testcase evaluation severely impairs the efficiency of greybox fuzzing. In order to reduce the interference of virtual hardware state conditions and increase the efficiency of fuzzing, we propose a state-based virtual hardware fuzzing framework, named SAVHF (State-Aware Virtual Hardware Fuzzing). In this framework, a source-to-source instrumentation method based on the abstract syntax tree is proposed to detect the state condition of virtual hardware. Based on the source-to-source instrumentation, we afterwards propose a state-based fuzzing strategy to adapt to the state conditions of virtual hardware. We realize the prototype system of SAVHF and use it to evaluate 17 popular virtual hardware of Qemu and find 16 bugs with 1 CVE (Common Vulnerabilities and Exposures) number assigned. Evaluation results demonstrate that the proposed SAVHF framework covers an average of more than 61% of virtual hardware code branches in the 18 hours testing and can improve the average code coverage by 11.04% compared with the path-based fuzzing strategy.

show abstract

Section: Methodsmentioning

confidence: 99%

“…Virtualization technology can provide users with with convenient service of privilege isolation protection. It is also an effective solution to reduce the cost of configuring multiple physical computing instances [1]. In order to enable the virtualization guest machine to access essential hardware (network cards, graphics cards, sound cards, etc.…”

mentioning

confidence: 99%