Dissertation/Thesis Abstract

Fuzzing the Berkeley Packet Filter
by Nilsen, Benjamin Curt, M.S., University of California, Davis, 2020, 53; 28000762
Abstract (Summary)

The Berkeley Packet Filter (BPF) allows users to write source code that can run in kernel space. The original intent of BPF was to allow users to filter incoming network packets at the kernel level, preventing the overhead cost of switching between user and kernel mode for filtering activities. Now BPF (also known as extended BPF) allows users to write BPF-type programs in C to run in kernel mode. These BPF programs utilize various datatypes and helper methods and can be compiled with a gcc-type compiler. Companies such as Facebook are starting to use this extended BPF functionality, which makes it a great target for a thorough project. Because these BPF programs run in kernel space, it is imperative that they be thoroughly tested for software vulnerabilities. I present a set of unique driver programs and program generators to help us run existing fuzzing tools on the BPF environment. Later, I discuss the results, expand on future work, and present ideas on how to improve fuzzers.

Indexing (document details)
Advisor: Chen, Hao
Committee: Rubio González, Cindy, Bishop, Matt
School: University of California, Davis
Department: Computer Science
School Location: United States -- California
Source: MAI 82/2(E), Masters Abstracts International
Source Type: DISSERTATION
Subjects: Computer science, Information Technology, Computer Engineering
Keywords: Berkeley Packet Filter, Fuzzing, Kernel level
Publication Number: 28000762
ISBN: 9798664727654
Copyright © 2020 ProQuest LLC. All rights reserved.