Fuzzbomb: Fully-Autonomous Detection and Repair of Cyber Vulnerabilities

Musliner, David J.; Friedman, Scott E.; Boldt, Michael; Benton, J.; Schuchard, Max; Keller, Peter; McCamant, Stephen

Home // International Journal On Advances in Security, volume 9, numbers 3 and 4, 2016 // View article

Fuzzbomb: Fully-Autonomous Detection and Repair of Cyber Vulnerabilities

Authors:
David J. Musliner
Scott E. Friedman
Michael Boldt
J. Benton
Max Schuchard
Peter Keller
Stephen McCamant

Keywords: autonomous cyber defense; symbolic analysis; protocol learning; binary rewriting

Abstract:
SIFT and the University of Minnesota teamed up to create a fully autonomous Cyber Reasoning System to compete in the DARPA Cyber Grand Challenge. Starting from our prior work on autonomous cyber defense and symbolic analysis of binary programs, we developed numerous new components to create FUZZBOMB. In this paper, we outline several of the major advances we developed for FUZZBOMB, including a content-agnostic binary rewriting system called BINSURGEON. We then review FUZZBOMB’s performance in the first phase of the Cyber Grand Challenge competition.

Pages: 111 to 121

Publication date: December 31, 2016

Published in: journal

ISSN: 1942-2636