SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs

Explore the critical aspects of fuzzer-exposed bugs and their high-risk security impacts in this 32-minute conference talk. Delve into the challenges of managing numerous bugs and patches, and discover innovative approaches to prioritize and address security vulnerabilities. Learn about SyzScope's two operational modes for open and fixed bugs, and gain insights into its workflow. Examine the role of fuzzing in new context verification and impact-aware fuzzing techniques. Understand the architecture of symbolic execution and its application in identifying security impacts. Analyze the overall results and evaluation of fuzzing and symbolic execution methods presented by Xiaochen Zou from the University of California, Riverside.

Intro
Background
Bug's security impact
Motivation - Too many bugs to fix
Motivation - Too many patches to port
Questions to answer
Insight
Motivating example
Two modes of operations - Open vs Fixed bugs
Workflow - Fixed bugs & Open bugs
Fuzzing - New contexts verification
Fuzzer - Impact aware fuzzing
Symbolic Execution - Architecture
Symbolic Execution - Impacts identification
Overall results
Evaluation - Fuzzing
Evaluation - Symbolic execution