Security MeetUp: Research Talk – Repurposing Systems Techniques for Kernel Driver Fuzzing

Talk: Repurposing Systems Techniques for Kernel Driver Fuzzing

Vulnerabilities in kernel-mode device drivers (henceforth “kernel drivers”) continue to pose a substantial threat to OS kernel security. In this talk, I will present three system-level solutions we developed to make kernel driver fuzzing more effective, more efficient, or both. I will first introduce PeriScope (appeared at NDSS 2019), a solution that enables fuzzing the peripheral interface of kernel drivers. I will explain how CPU-side page faults can be repurposed to fuzz the peripheral input interface of PCI drivers and find bugs. Next, I will present Agamotto (USENIX Security 2020), a virtual machine checkpoint-restore technique repurposed to accelerate kernel driver fuzzing. Finally, I will present ReUSB (USENIX Security 2023), our systems solution that uses accurate record-and-replay to make USB driver fuzzing significantly more effective. I will explain how the traditional record-and-replay technique can be synergistically combined with fuzzing to find deeper bugs. I will conclude the talk by unifying the three solutions under a common theme of “repurposing systems techniques for kernel driver fuzzing”.

Agenda

17:55: Gathering
18:15: Talk: “Repurposing Systems Techniques for Kernel Driver Fuzzing”
19:00: Q&A

Looking forward to seeing you there!

About the Speaker: Dokyung Song

I am an Assistant Professor in the Department of Computer Science in College of Computing at Yonsei University, and the director of Yonsei University’s Cyber Security Lab. I am also the faculty advisor of the Yonsei Security Club. Prior to joining Yonsei University, I was a Post-Doctoral Scholar working with Michael Franz in Secure Systems Lab at University of California, Irvine. I received my Ph.D. and M.S. degree from the department of Computer Science at UC Irvine, and my B.S. degree from the department of Electrical and Computer Engineering at Seoul National University. My research interest lies in understanding and finding security vulnerabilities in systems software.