Abhik Roychoudhury
Description: FuzzInfer: Fuzzing Protocol Implementations
software engineering (1168) efficiency (676) marcel (215) böhme (23) boehme (4) bohme (3) bã¶hme (2) testing efficiency (1) efficiency of automated testing (1)
Home Summary Team
The discovery of vulnerabilities in web applications before an attacker does can save companies millions of dollars. According to a 2018 study "[..] the total average cost of web application attacks in APAC over the past 12 months was $2.4 million per company, while the total average cost of DoS attacks was $1.1 million. [..] Web application attacks are a constant threat for companies. 43 percent of respondents said that web application security is more critical than other security issues faced by their org
This project aims to develop stateful fuzzing techniques that can discover vulnerabilities that could otherwise be used for remote arbitrary execution attacks. In this project, we are planning to first tackle the challenges of statefulness and protocol inference before we address the (greybox) problem where only the compiled x86 program binary of the protocol implementation or web application is available.
Abhik Roychoudhury