With the ever-increasing number of cyber threats such as malware, it has become more critical to quickly and efficiently analyze the intended behavior of the software running the systems powering much of today’s tech-driven world. ECE Associate Professor Tuba Yavuz is responding to these cybersecurity threats using a technique called ‘fuzzing.’ Her project, “Constraint-Guided Local Fuzzing of Binaries,” recently received $1M of funding as part of the highly prestigious Defense Advanced Research Projects Agency (DARPA) Young Faculty Award program.
Get Formal & Fuzzy
Underpinning computer programs are files called binaries, essentially specialized executable forms of software. Binaries often lack the information needed for reverse engineering and thus are very difficult to analyze in depth. Using a technique called fuzzing, Yavuz’s research team is working to enable more effective reverse engineering of malware.
Fuzzing is an automated software testing strategy whereby purposely invalid, random, or unexpected inputs are provided to a computer program. The system is then monitored for anomalous behavior such as crashing, failures, or problems with memory. Fuzzing essentially automatically tests software by providing data that is correct enough, but flawed, in order to test the limits of the system and to expose unknown weaknesses in the system. The resulting behaviors are then debugged to determine the cause(s).
Fuzzing has emerged as a robust and precise technique for exploring the input space of systems, but it becomes slow when applied to the whole system. In order to get around this limitation, Yavuz’s work leverages the insight that reasoning about binary code within a small scope can facilitate reasoning about global contexts. Her project will investigate constraint-guided local fuzzing of binaries to reduce the search space and to support targeted binary analysis. The project will investigate incremental fuzzing techniques that leverage constraint-guided local scope fuzzing to enable scalable and precise binary reverse engineering with an emphasis on malware reverse engineering.
Yavuz and her research assistants will perform constraint-guided fuzzing in a small scope and propagate inferred mutation recipes to the global scope. The goal is to revolutionize malware reverse engineering by enabling formulation of reachability queries in a language with formal semantics and to solve such queries by utilizing fine-grained binary code fuzzing.
DARPA YFA
The objective of the DARPA Young Faculty Award (YFA) program is to identify and engage researchers in junior faculty positions at U.S. academic and non-profit research institutions and expose them to Department of Defense (DoD) needs and DARPA’s program development process. The YFA program provides funding, mentoring and industry and DoD contacts to awardees early in their careers so they may develop their research ideas in the context of national security needs. The long term goal of the YFA program is to develop the next generation of academic scientists, engineers, and mathematicians who will focus a significant portion of their career on DoD and National Security issues.