News
Next Seminar on 2.2.2022
Written on 27.01.2022 14:59 by Stella Wohnig
Dear All,
The next seminar(s) take place on 19.1. at 14:00.
Session A: (RA4,5)
Daniel Reinhold - Paul Kalbitzer - Florian B.
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session A:
14:00-14:30
Speaker: Daniel Reinold
Type of talk: Bachelor Intro
Supervisor: Prof. Dr. Andreas Zeller
Advisor: Leon Bettscheider
Title: Transpiling the Web Service Description Language
Research Area: RA4
Abstract: Users want a lot of functionality and information from the modern web. Web services provide an interface to request information or functionality from remote resources, connecting clients and servers to each other. This interface can receive direct user input, which makes it vulnerable to invalid or malicious requests.
If a web service goes offline due to an attack or bug, it can affect other peers that rely on its functionality. Because of this, it is essential that web services are robust and secure.
Fuzzing is a technique to automatically test software for vulnerabilities and other unintended behavior by generating random inputs. However, if completely random values are being produced, the result will be primarily invalid calls. To make this approach more efficient at creating valid inputs, a grammar can be used. Grammars are a way to specify the structure of an input and can be used in grammar-based fuzzers to generate values for testing. A drawback is that it can be difficult and time-consuming to create a grammar from scratch for a target application. This can be avoided by deriving the grammar from documents specifying the interface.
For web services, description files in a specification called Web Services Description Language exist. They are usually publicly available, which enables us to test our approach on a wide range of live web services.
We use this strategy to convert the interface description file of web services to a universal grammar. Then we generate many random values that match the input structure and send them as a request to a web service, to see how it responds. Our goal is to create a process to automatically fuzz web services.
14:30-15:00
Speaker: Paul Kalbitzer
Type of talk: Bachelor Final
Supervisor: Prof. Dr. Andreas Zeller
Advisor: Dr. Rafael Dutra
Title: Distribution-based fuzzing using FormatFuzzer
Research Area: RA4
Abstract: Fuzzing is an automated testing method that uses an immense number of automatically generated inputs to examine the behaviour of the program under test. These inputs are usually randomly generated to detect crashes or other errors. When testing programs that receive files as input, the problem arises that formats are very complex and that input that does not meet the structural requirements is rejected by the program in an early parsing phase. This in turn results in a low code coverage, which is tantamount to a fuzzing result without meaningfulness.
The FormatFuzzer, a structure-aware approach, counters this problem by using binary templates. In this way, it ensures that structural requirements for inputs are met in order to be able to test programs with complex input requirements. However, the FormatFuzzer does not yet allow declaring probabilities in general, as well as for individual variables. This makes it impossible, for example, to focus on uncommon aspects of a format.
The goal of my thesis is to present a version of FormatFuzzer that supports the use of statistics and probabilities, but does not depend on their existence. The focus is on offering the possibility to generate files based on probability distributions, to be able to direct test generation towards a specific direction.
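The two abstracts above share one mechanism: a grammar that describes the input structure, random choice among its alternatives, and (in the second talk) weights on those alternatives so that rare parts of a format can be exercised on purpose. The following Python example is added here to illustrate that mechanism; it is not code from either thesis, from FormatFuzzer, or from the WSDL transpiler. The toy request grammar, the operation names, the boundary values and the depth cap are all my own constructions.

```python
import random
import re

# Constructed toy grammar (not taken from any of the theses above). Nonterminals
# are written <name>; each maps to a list of (weight, expansion) alternatives.
# Equal weights give plain grammar-based fuzzing; skewing them is the
# "distribution-based" idea: <value> yields numbers most of the time and the
# boundary values "", -1 and null only occasionally.
REQUEST_GRAMMAR = {
    "<request>": [(1, ["<op>", "(", "<args>", ")"])],
    "<op>":      [(3, ["getItem"]), (1, ["listItems"])],
    "<args>":    [(2, ["<value>"]), (1, ["<value>", ",", "<args>"])],
    "<value>":   [(5, ["<number>"]), (2, ["<string>"]), (1, ["<weird>"])],
    "<number>":  [(1, ["<digit>"]), (1, ["<digit>", "<number>"])],
    "<digit>":   [(1, [d]) for d in "0123456789"],
    "<string>":  [(1, ['"', "<chars>", '"'])],
    "<chars>":   [(1, []), (2, ["<char>", "<chars>"])],
    "<char>":    [(1, [c]) for c in "abcxyz"],
    "<weird>":   [(1, [""]), (1, ["-1"]), (1, ["null"])],
}


def min_cost(grammar, symbol, seen=frozenset()):
    """Number of expansion steps in the shortest derivation of symbol (inf if none)."""
    if symbol not in grammar:
        return 0  # terminal symbol
    if symbol in seen:
        return float("inf")  # this path would recurse forever
    seen = seen | {symbol}
    return 1 + min(sum(min_cost(grammar, s, seen) for s in expansion)
                   for _, expansion in grammar[symbol])


def cheapest_expansions(grammar):
    """For every nonterminal, the alternative whose derivation finishes soonest."""
    return {
        sym: min(alts, key=lambda alt: sum(min_cost(grammar, s) for s in alt[1]))[1]
        for sym, alts in grammar.items()
    }


def generate(grammar, start, rng, max_depth=20):
    """Derive one string from start, choosing alternatives by their weights.

    Beyond max_depth only the cheapest alternative is taken, so recursive rules
    such as <args> and <number> always terminate (the depth cap is my assumption).
    """
    cheapest = cheapest_expansions(grammar)
    out = []

    def expand(symbol, depth):
        if symbol not in grammar:
            out.append(symbol)
            return
        if depth >= max_depth:
            expansion = cheapest[symbol]
        else:
            alternatives = grammar[symbol]
            weights = [w for w, _ in alternatives]
            expansion = rng.choices(alternatives, weights=weights, k=1)[0][1]
        for s in expansion:
            expand(s, depth + 1)

    expand(start, 0)
    return "".join(out)


def fuzz(grammar, n, seed=0, start="<request>", max_depth=20):
    """Generate n inputs reproducibly from a seed."""
    rng = random.Random(seed)
    return [generate(grammar, start, rng, max_depth) for _ in range(n)]


def with_weights(grammar, symbol, weights):
    """Copy of grammar with new weights on symbol's alternatives (focus the fuzzer)."""
    if len(weights) != len(grammar[symbol]):
        raise ValueError("one weight per alternative required")
    new = dict(grammar)
    new[symbol] = [(w, exp) for w, (_, exp) in zip(weights, grammar[symbol])]
    return new


# Oracle used by the tests: does the output respect the structure the grammar encodes?
VALUE = r'(?:\d+|"[abcxyz]*"|-1|null|)'
WELL_FORMED = re.compile(r"^(?:getItem|listItems)\(" + VALUE + r"(?:," + VALUE + r")*\)$")


def is_well_formed(request):
    return WELL_FORMED.match(request) is not None


if __name__ == "__main__":
    for r in fuzz(REQUEST_GRAMMAR, 5, seed=42):
        print(r)
    # Same grammar, but now boundary values dominate: the "focus on uncommon
    # aspects" that the second abstract asks for.
    focused = with_weights(REQUEST_GRAMMAR, "<value>", [1, 1, 8])
    for r in fuzz(focused, 5, seed=42):
        print(r)
```

Every generated request is structurally valid, so a target that parses it has to run its actual logic rather than rejecting the input early; changing only the weights shifts the test distribution without touching the grammar, which is the separation the second talk argues for.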
15:00-15:30
Speaker: Florian B.
Type of talk: Bachelor Intro
Advisor: Dr. Dominic Steinhöfel, Prof. Andreas Zeller
Title: Bidirectional Converter Between ANTLR, BGF and a Pivot Language
Research Area: RA5
Abstract:
Grammar-based fuzzing is a common technique to make fuzzers more program-specific. On the one hand, there are different fuzzers with different grammar formats as input, and on the other hand, there are large grammar collections like the Grammar Zoo with its BGF format or repositories with many grammars in ANTLR format. The ability to convert different grammar formats into each other would allow the use of existing grammar collections, and thus thousands of grammars, without requiring additional work for each grammar.
Bidirectional conversion between these different formats is most easily accomplished using a pivot language.
This pivot language can then be used to convert ANTLR to BGF and vice versa, or to convert to any new format by simply developing a new converter for a different format while using the same pivot language.
In this thesis, a converter will be developed to convert ANTLR and BGF into a pivot language and vice versa.
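To make the pivot-language architecture concrete, here is an added Python example that is not part of the thesis and does not implement ANTLR or BGF syntax. It uses two constructed stand-in formats, a one-rule-per-line BNF-style text and a JSON document, and a dict-based pivot of my own design; each format needs only a parser into the pivot and a renderer out of it, and conversion between any pair goes through the pivot.

```python
import json

# Pivot representation (my own assumption, not the thesis's design): a dict from
# nonterminal "<name>" to a list of alternatives, each alternative a list of
# symbols. A symbol written <...> is a nonterminal, anything else is a terminal;
# an empty alternative is an empty list.
PIVOT_EXAMPLE = {
    "<expr>": [["<term>"], ["<term>", "+", "<expr>"]],
    "<term>": [["x"], ["(", "<expr>", ")"]],
    "<opt>": [[], ["y"]],
}


def to_bnf(pivot):
    """Pivot -> constructed text format A: '<lhs> ::= alt | alt', terminals quoted."""
    lines = []
    for lhs, alternatives in pivot.items():
        rendered = []
        for alt in alternatives:
            if not alt:
                rendered.append('""')  # empty alternative
            else:
                rendered.append(" ".join(s if s.startswith("<") else f'"{s}"' for s in alt))
        lines.append(f"{lhs} ::= " + " | ".join(rendered))
    return "\n".join(lines) + "\n"


def from_bnf(text):
    """Constructed text format A -> pivot. Terminals may not contain spaces, quotes or '|'."""
    pivot = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        lhs, rhs = (part.strip() for part in line.split("::=", 1))
        alternatives = []
        for alt in rhs.split("|"):
            symbols = []
            for tok in alt.split():
                if tok.startswith("<"):
                    symbols.append(tok)
                elif len(tok) >= 2 and tok.startswith('"') and tok.endswith('"'):
                    if tok != '""':  # '""' denotes the empty alternative
                        symbols.append(tok[1:-1])
                else:
                    raise ValueError(f"unexpected token {tok!r} in {line!r}")
            alternatives.append(symbols)
        pivot[lhs] = alternatives
    return pivot


def to_json(pivot):
    """Pivot -> constructed format B: JSON with explicitly typed symbols."""
    rules = [
        {"name": lhs[1:-1],
         "alternatives": [[{"nonterminal": s[1:-1]} if s.startswith("<") else {"terminal": s}
                           for s in alt] for alt in alternatives]}
        for lhs, alternatives in pivot.items()
    ]
    return json.dumps({"rules": rules}, indent=2)


def from_json(text):
    """Constructed format B -> pivot."""
    pivot = {}
    for rule in json.loads(text)["rules"]:
        pivot[f"<{rule['name']}>"] = [
            [f"<{sym['nonterminal']}>" if "nonterminal" in sym else sym["terminal"] for sym in alt]
            for alt in rule["alternatives"]
        ]
    return pivot


# One (parser, renderer) pair per format: adding a format means adding one pair,
# not one converter for every other format.
CONVERTERS = {"bnf": (from_bnf, to_bnf), "json": (from_json, to_json)}


def convert(text, source, target):
    """Convert a grammar text from one format to another through the pivot."""
    parse = CONVERTERS[source][0]
    render = CONVERTERS[target][1]
    return render(parse(text))


if __name__ == "__main__":
    print(convert(to_bnf(PIVOT_EXAMPLE), "bnf", "json"))
```

The round-trip property (format A to pivot to format A yields the same text, and likewise for format B) is what makes the converter bidirectional; whatever a real pivot cannot represent, such as ANTLR actions or BGF annotations, is exactly what a round trip would lose, so that is the first thing to check when designing the pivot.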