A SYSTEMATIC REVIEW OF KERNEL FUZZING

PhD Qualifying Examination


Title: "A SYSTEMATIC REVIEW OF KERNEL FUZZING"

by

Mr. Hongyi LU


Abstract:

Fuzzing is one of the most representative program testing techniques for 
uncovering bugs and vulnerabilities. Unlike techniques such as symbolic 
execution or static analysis, fuzzing is not constrained by the program's 
scale and has a lower false positive rate. Because of its practicality and 
effectiveness, fuzzing is widely used to test complex software such as web 
browsers and operating systems.

The kernel, as one of the most complex software systems, has long relied on 
large-scale fuzzing to locate bugs and vulnerabilities. For instance, the 
Syzbot project, started by Google, has been fuzzing Linux for years and has 
found over 5,000 bugs.

In this survey, we aim to explore state-of-the-art kernel fuzzing 
techniques, thereby identifying the limitations of current research and 
potentially shedding light on future research directions. We first go through 
the kernel fuzzing pipeline and introduce the factors that might affect a 
fuzzer's performance at each stage. Then we systematically review the existing 
works on kernel fuzzing, explain their workflows, and conduct experiments to 
evaluate their performance. Finally, based on the evaluation results, we 
discuss the limitations of current works and propose potential solutions for 
future research.


Date:                   Friday, 13 December 2024

Time:                   2:00pm - 4:00pm

Venue:                  Room 3598
                        Lifts 27/28

Committee Members:      Dr. Shuai Wang (Supervisor)
                        Dr. Wei Wang (Chairperson)
                        Dr. Dongdong She
                        Dr. Yongqiang Tian