Xen Developer Summit 2015 has ended
Back To Schedule
Monday, August 17 • 3:20pm - 3:50pm
QEMU Security Vulnerability Automatic Discovery by Symbolic Execution - Chunjie Zhu, Citrix

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Fuzz testing is a popular software testing technique, often used to automatically discover severe bugs. Fuzz testing is equally useful in a security context, where any code fault that compromises memory safety or privilege separation is likely to be a security vulnerability. We have successfully used this approach to harden QEMU, where it identified several severe errors (e.g. buffer overflows) with a potential security impact. However, fuzzing has an inherent disadvantage, that is, the time required for reaching a sufficient confidence level is hard to determine. Symbolic execution on the other hand is a more systematic approach to automatic testing, focusing on generating inputs that achieve high code coverage. We apply this technique to QEMU using the state-of-the-art KLEE symbolic execution engine (https://klee.github.io).


Chunjie Zhu

I am working on XenServer product in Citrix company.

Monday August 17, 2015 3:20pm - 3:50pm PDT
Ravenna AB Sheraton Seattle, 1400 6th Ave., Seattle, WA 98101