Fuzzing the out-of-memory killer on embedded Linux: an adaptive random approach

Authors:
K. Y. Sim;F.-C. Kuo;R. Merkel
Affiliations:
Swinburne University of Technology (Sarawak Campus), Jalan Simpang Tiga, Kuching, Sarawak, Malaysia;Swinburne University of Technology, Victoria, Australia;Swinburne University of Technology, Victoria, Australia
Venue:
Proceedings of the 2011 ACM Symposium on Applied Computing
Year:
2011

Citing 10
Cited 1

Data Diversity: An Approach to Software Fault Tolerance

IEEE Transactions on Computers - Fault-Tolerant Computing
Adaptive Random Testing Through Dynamic Partitioning

QSIC '04 Proceedings of the Quality Software, Fourth International Conference
An empirical analysis and comparison of random testing techniques

Proceedings of the 2006 ACM/IEEE international symposium on Empirical software engineering
Fuzzing: Brute Force Vulnerability Discovery

Fuzzing: Brute Force Vulnerability Discovery
ARTOO: adaptive random testing for object-oriented software

Proceedings of the 30th international conference on Software engineering
Fuzzing for Software Security Testing and Quality Assurance

Fuzzing for Software Security Testing and Quality Assurance
An Experimental Evaluation of the Reliability of Adaptive Random Testing Methods

SSIRI '08 Proceedings of the 2008 Second International Conference on Secure System Integration and Reliability Improvement
Adaptive Random Testing: The ART of test case diversity

Journal of Systems and Software
Adaptive random testing

ASIAN'04 Proceedings of the 9th Asian Computing Science conference on Advances in Computer Science: dedicated to Jean-Louis Lassez on the Occasion of His 5th Cycle Birthday
Automated testing and debugging of SAT and QBF solvers

SAT'10 Proceedings of the 13th international conference on Theory and Applications of Satisfiability Testing

Security fuzzing toolset

Proceedings of the 50th Annual Southeast Regional Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

Fuzzing is an automated black-box testing technique conducted with a destructive aim to crash (that is, to reveal failures in) the software under test. In this paper, we propose an adaptive random approach to fuzz the Out-Of-Memory (OOM) Killer on an embedded Linux distribution. The fuzzing process has revealed OOM Killer failures that cause the Linux kernel to remain in the OOM condition and become non-responsive. We have also found that the OOM Killer failures are more likely to occur when the Linux kernel has a higher over-commitment of memory requests. Finally, we have shown that the proposed adaptive random approach for fuzzing can reveal an OOM Killer failure with significantly fewer test inputs compared to the pure random approach.