Autodafé: An Act of Software Torture
Presentation of an innovative buffer overflow uncovering technique called "Fuzzing by weighting attacks with markers"
Veröffentlicht am: 28.12.2005, 22:00 Uhr
Präsentation vom: 28.12.2005, 22:00 Uhr
Teilnehmer: Martin Vuagnoux
Abstract: Automated vulnerability searching tools have led to a dramatic increase of the rate at which such flaws are discovered. One particular searching technique is fault injection – i.e. insertion of random data into input files, buffers or protocol packets, combined with a systematic monitoring of memory violations. Even if these tools allow to uncover a lot of vulnerabilities, they are still very primitive; despite their poor efficiency, they are useful because of the very high density of such vulnerabilities in modern software.
Speakers: Martin Vuagnoux
Room: Saal 3