4MMSR-Network Security-2012-2013-antivirus fuzzer
De Ensiwiki
Sommaire
Antivirus Fuzzer
This is a "mini" research project for the course 4MMSR-Network Security
Keywords
fuzzing,antivirus,file fuzzing, grammar based fuzzing
Description
{{{description}}}
Expected output
- choice of a given antivirus (see http://www.filehippo.com )
- analysis and documentation of the antivirus attack surface
- for the targeted inputs:
- naive random based fuzzer
- infer the grammar of a set of file, and generate mutations
- compare those techniques (metrics to be defined)
if time permits:
- apply genetic programming grammar based fuzzing in a black-box fashion
Research Questions
{{{research_questions}}}
References
- Attacking AntiVirus, Fen Xue, 2008 (whitepaper) Attacking AntiVirus, Fen Xue, 2008 (slides)
- Vxfuzz, Tavis Ormandy, 2007
- pages 4-6 of Security Testing Of Web Browser and the associated tool OUSPG Radamsa
- A study of anti-virus’ response to unknown threats, Devine, C. and Richaud, N., EICAR 2009
Tools
{{{tools}}}
Results
{{{results}}}
Get Started!
- create an archive on the ensimag server, so that only your team members and I have access to it.
- Créer_une_archive_partagée_avec_Git
- obviously, do not forget to send me the path afterwards