UCL Discovery

Fuzzing and information flow

Blackwell, Daniel Jordan; (2025) Fuzzing and information flow. Doctoral thesis (Ph.D), UCL (University College London). Green open access

PhD_Thesis_Deposit.pdf - Accepted Version, download (3MB)

Abstract

Maintaining the secrecy of confidential information in software systems is a common problem, from file ownership and read-write permissions in filesystems to user account details in web applications. The academic research area of information flow control has worked for decades on validating that software satisfies security policies. Much of this work has required significant developer intervention, has failed to scale to real-world software systems, or is not automatable. This thesis applies the automated testing technique fuzzing to the problem of information flow control; in particular, it looks for leaks of confidential information through program outputs, as opposed to through side-channels. As a system-level testing approach, the level of developer intervention is relatively low and scalability is high. The contributions of the thesis are divided into three distinct chapters. Firstly, how a fuzzer can be used to detect instances of confidential information being leaked. The basis of this approach is hypertesting, in which finding two inputs that differ only in their secret parts but result in differing program outputs indicates a leak. The produced tool, LeakFuzzer, is evaluated on a newly collected set of benchmarks including 9 real-world programs containing CVEs classified as information leaks. These are up to 905,000 LoC in size, and thus test scalability. The next chapter extends this to include estimates of the quantity of information leaked through program outputs. Again, the produced tool, NIFuzz, is evaluated on a range of programs including CVEs. The final chapter looks at improving the efficiency of grey-box fuzzers. The developed approach makes use of knowledge of the target program's control flow graph in order to better decide how to divide up the mutation effort.
The technique and its implementation, PrescientFuzz, are applicable not only to information flow control; PrescientFuzz outperforms other fuzzers at achieving program coverage on the Fuzzbench benchmark suite.
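The hypertesting criterion from the abstract (same public input, two different secrets, differing outputs means a leak) and the idea of estimating how much is leaked, as an added toy example in Python; this is not code from the thesis, LeakFuzzer or NIFuzz, and the function names, the random-search loop standing in for a real fuzzer's mutation engine, and the PIN-check target programs are all constructed for illustration.

```python
import math
import random
from typing import Callable, Hashable, Optional, Tuple

# A program under test is modelled as output = prog(public_input, secret_input).
Program = Callable[[int, int], Hashable]


def is_leak_witness(prog: Program, public: int, secret_a: int, secret_b: int) -> bool:
    """Hypertest one pair: same public part, different secrets.
    Differing outputs witness a noninterference violation (a leak)."""
    return prog(public, secret_a) != prog(public, secret_b)


def hyperfuzz(prog: Program, trials: int, seed: int = 0) -> Optional[Tuple[int, int, int]]:
    """Random-search hypertester (constructed stand-in for a fuzzer's mutation loop).
    Returns (public, secret_a, secret_b) for the first leak found, else None."""
    rng = random.Random(seed)
    for _ in range(trials):
        public = rng.randrange(256)
        secret_a, secret_b = rng.sample(range(256), 2)  # two distinct secrets
        if is_leak_witness(prog, public, secret_a, secret_b):
            return (public, secret_a, secret_b)
    return None


def leakage_bits(prog: Program, public: int, secrets) -> float:
    """Crude quantity estimate for one public input: log2 of the number of distinct
    outputs observed over the sampled secrets. For a deterministic program with a
    uniformly distributed secret this is a lower bound on min-entropy leakage
    (assumption stated here, not a claim about how NIFuzz computes its estimates)."""
    outputs = {prog(public, s) for s in secrets}
    return math.log2(len(outputs))


# Constructed toy targets: the secret is an 8-bit PIN, the public input is a guess.
def pin_check(guess: int, pin: int) -> str:
    return "ok" if guess == pin else "wrong"  # two outputs: about 1 bit per query


def pin_check_verbose(guess: int, pin: int) -> int:
    return bin(guess ^ pin).count("1")  # reveals the Hamming distance to the PIN


def no_secret(guess: int, pin: int) -> int:
    return guess * 2  # output independent of the secret: no leak


if __name__ == "__main__":
    for name, p in [("no_secret", no_secret), ("pin_check", pin_check), ("verbose", pin_check_verbose)]:
        print(name, "witness:", hyperfuzz(p, 5000), "bits@42:", leakage_bits(p, 42, range(256)))
```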

Type: Thesis (Doctoral)
Qualification: Ph.D
Title: Fuzzing and information flow
Open access status: An open access version is available from UCL Discovery
Language: English
Additional information: Copyright © The Author 2025. Original content in this thesis is licensed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International (CC BY-NC 4.0) Licence (https://creativecommons.org/licenses/by-nc/4.0/). Any third-party copyright material present remains the property of its respective owner(s) and is licensed under its existing terms. Access may initially be restricted at the author’s request.
UCL classification: UCL
UCL > Provost and Vice Provost Offices > UCL BEAMS
UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science
URI: https://discovery.ucl.ac.uk/id/eprint/10203994