Bridging the Gaps of Grey-Box Fuzzing
Join our CI Rewind and Learn New Techniques for Emulation Based Fuzzing.
In this replay of their talk at FuzzCon Europe - Automotive Edition 2022, Continental’s Dr. Sheikh
Mahbub Habib and NTU’s Yuekang Li discuss the under-studied topic of target program execution in software testing.
Through industry practice, they’ve found that target program execution can be challenging for libraries or IoT software.
Therefore, they propose two techniques for emulation based fuzzing on IoT software and automated fuzz driver generation.
They have further implemented prototypes for these techniques and used them to find dozens of vulnerabilities in open-source libraries and routers.
About the Speakers
Dr.Sheikh Mahbub Habib is the Head of Growth Field "Security & Privacy" at Continental.
He is responsible for leading and driving product cybersecurity & innovation activities within the Automotive Technologies division.
Yuekang Li is a Research Assistant Professor in Continental-NTU Corporate Lab, Nanyang Technological University, Singapore.
His research interests include software testing techniques (especially fuzzing), as well as other security analysis and software quality assurance techniques.