The monolithic nature of modern OS kernels leads to a constant stream of bugs being discovered automatically by various techniques, among which fuzzing is most commonly used in both academia and industry due to its effectiveness. According to syzbot, Google’s continuous kernel fuzzing platform, it has unveiled 4640 vulnerabilities in Linux kernels. Despite its tremendous success, we identified two steps in the process that remain relying on manual labor. More specifically, 1) maintainers are overwhelmed by the excessive amount of bugs, but only a subset of them are serious enough to lead to security takeovers (i.e., privilege escalations) and demand immediate fixes. Thus, the automated bug triaging process is one key missing piece to securi...
The overall security posture of operating systems ’ kernels – and specif-ically the Microsoft Window...
The Universal Serial Bus (USB) connects external devices to a host. This interface exposes the OS ke...
The proliferation of kernel mode malware and rootkits over the last decade is one of the most critic...
Today's mainstream operating systems (OSs) have monolithic kernels, in which low-level systems softw...
System software is a lucrative target for cyber attacks due to its high privilege and large att...
Abstract Exploitability assessment of vulnerabilities is important for both defenders and attackers....
The operating system kernel security is critical for the overall system reliability, since the kerne...
Linux kernel is pervasive in the cloud, on mobile platforms, and on supercomputers. To support these...
Kernel fuzzing is important for finding critical kernel vulnerabilities. Close-source (e.g., Windows...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...
Our computers, phones, and other smart devices are running a vast and ever increasing amount of soft...
Device drivers are an essential part in modern Unix-like systems to handle operations on physical de...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
In the 21st century, the rapid growth of technology has become indispensable in people’s daily lives...
Software is continually increasing in size and complexity, and therefore, vulnerability discovery wo...
The overall security posture of operating systems ’ kernels – and specif-ically the Microsoft Window...
The Universal Serial Bus (USB) connects external devices to a host. This interface exposes the OS ke...
The proliferation of kernel mode malware and rootkits over the last decade is one of the most critic...
Today's mainstream operating systems (OSs) have monolithic kernels, in which low-level systems softw...
System software is a lucrative target for cyber attacks due to its high privilege and large att...
Abstract Exploitability assessment of vulnerabilities is important for both defenders and attackers....
The operating system kernel security is critical for the overall system reliability, since the kerne...
Linux kernel is pervasive in the cloud, on mobile platforms, and on supercomputers. To support these...
Kernel fuzzing is important for finding critical kernel vulnerabilities. Close-source (e.g., Windows...
The vast majority of hosts on the Internet, including mobile clients, are running one of three commo...
Our computers, phones, and other smart devices are running a vast and ever increasing amount of soft...
Device drivers are an essential part in modern Unix-like systems to handle operations on physical de...
The most common cyber-attack vector is exploit of software vulnerability. Despite much efforts towar...
In the 21st century, the rapid growth of technology has become indispensable in people’s daily lives...
Software is continually increasing in size and complexity, and therefore, vulnerability discovery wo...
The overall security posture of operating systems ’ kernels – and specif-ically the Microsoft Window...
The Universal Serial Bus (USB) connects external devices to a host. This interface exposes the OS ke...
The proliferation of kernel mode malware and rootkits over the last decade is one of the most critic...