YoVDO

GRIMOIRE - Synthesizing Structure while Fuzzing

Offered By: USENIX via YouTube

Tags

USENIX Security Courses Cybersecurity Courses Software Testing Courses

Course Description

Overview

Explore a cutting-edge fuzzing technique presented at USENIX Security '19 in this 21-minute conference talk. Dive into GRIMOIRE, a fully automated coverage-guided fuzzer designed to efficiently test programs with highly structured inputs without human interaction or pre-configuration. Learn how this innovative approach synthesizes new structured inputs using grammar-like combinations, outperforming traditional fuzzers and improving upon existing grammar-based methods. Discover the impressive results achieved by GRIMOIRE, including the identification of 19 distinct memory corruption bugs in real-world programs and the acquisition of 11 new CVEs. Gain insights into the challenges of fuzzing programs with dedicated parsing stages and how GRIMOIRE addresses these issues through large-scale mutations in the input space.

Syllabus

USENIX Security '19 - GRIMOIRE: Synthesizing Structure while Fuzzing


Taught by

USENIX

Related Courses

Computer Security
Stanford University via Coursera
Cryptography II
Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera
Building an Information Risk Management Toolkit
University of Washington via Coursera
Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network