Model-based script synthesis for fuzzing (arXiv:2308.04115v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Kernel fuzzing is important for finding critical kernel vulnerabilities.
Closed-source (e.g., Windows) operating system kernel fuzzing is even more
challenging due to the lack of source code. Existing approaches fuzz the kernel
by modeling syscall sequences from traces or static analysis of system code.
However, a common limitation is that they do not learn and mutate the syscall
sequences to reach different kernel states, which can potentially result in
more bugs or crashes.
In this paper, we propose WinkFuzz, an …