Show simple item record

dc.contributor.advisorKim, Taesoo
dc.contributor.authorXu, Meng
dc.date.accessioned2020-09-08T12:47:57Z
dc.date.available2020-09-08T12:47:57Z
dc.date.created2020-08
dc.date.issued2020-07-28
dc.date.submittedAugust 2020
dc.identifier.urihttp://hdl.handle.net/1853/63668
dc.description.abstractThe scale and pervasiveness of concurrent software pose challenges for security researchers: race conditions are more prevalent than ever, and the growing software complexity keeps exacerbating the situation -- expanding the arms race between security practitioners and attackers beyond memory errors. As a consequence, we need a new generation of bug hunting tools that not only scale well with increasingly larger codebases but also catch up with the growing importance of race conditions. In this thesis, two complementary race detection frameworks for OS kernels are presented: multi-dimensional fuzz testing and symbolic checking. Fuzz testing turns bug finding into a probabilistic search, but current practices restrict themselves to one dimension only (sequential executions). This thesis illustrates how to explore the concurrency dimension and extend the bug scope beyond memory errors to the broad spectrum of concurrency bugs. On the other hand, conventional symbolic executors face challenges when applied to OS kernels, such as path explosions due to branching and loops. They also lack a systematic way of modeling and tracking constraints in the concurrency dimension (e.g., to enforce a particular schedule for thread interleavings) The gap can be partially filled with novel techniques for symbolic execution in this thesis.
dc.format.mimetypeapplication/pdf
dc.language.isoen_US
dc.publisherGeorgia Institute of Technology
dc.subjectRace condition
dc.subjectFuzz testing
dc.subjectSymbolic execution
dc.subjectBug finding
dc.subjectOS kernel
dc.titleFinding race conditions in kernels: The symbolic way and the fuzzy way
dc.typeDissertation
dc.description.degreePh.D.
dc.contributor.departmentComputer Science
thesis.degree.levelDoctoral
dc.contributor.committeeMemberLee, Wenke
dc.contributor.committeeMemberOrso, Alessandro
dc.contributor.committeeMemberSaltaformaggio, Brendan D.
dc.contributor.committeeMemberPeinado, Marcus
dc.date.updated2020-09-08T12:47:57Z


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record