Profile cover photo
Profile photo
Brendan Dolan-Gavitt
204 followers -
Hack the planet
Hack the planet

204 followers
About
Posts

Post has attachment
NYC Area Security Folks – Come to SOS!
Every year the NYU School of Engineering hosts Cyber Security Awareness Week (CSAW) – the largest student-run security event in the country. This year, we're trying something new that combines two of my favorite things: security and open source . The inaugu...

Post has attachment
The LAVA Synthetic Bug Corpora
I'm planning a longer post discussing how we evaluated the LAVA bug injection system, but since we've gotten approval to release the test corpora I wanted to make them available right away. The corpora described in the paper, LAVA-1 and LAVA-M, can be downl...

Post has attachment
Fuzzing with AFL is an Art
Using one of the test cases from the previous post , I examine what affects AFL's ability to find a bug placed by LAVA in a program. Along the way, I found what's probably a harmless bug in AFL, and some interesting factors that affect its performance. Alth...

Post has attachment
The Mechanics of Bug Injection with LAVA
This is the second in a series of posts about evaluating and improving bug detection software by automatically injecting bugs into programs. Part one, which discussed the setting and motivation, is available here . Now that we understand why we might want t...

Post has attachment
How to add a million bugs to a program (and why you might want to)
In this series of posts, I'm going to describe how to automatically put bugs in programs, a topic on which we just published a paper at Oakland, one of the top academic security conferences. The system we developed, LAVA , can put millions of bugs into real...

Post has attachment
PANDA Plugin Documentation
It's been a very long time coming, but over the holiday break I went through and created basic documentation for all 54 currently-available PANDA plugins. Each plugin now includes a manpage-style document named USAGE.md in its plugin directory. You can find...

Post has attachment
PANDA VM Update October 2015
The PANDA Virtual machine has once again been updated, and you can download it from: http://laredo-13.mit.edu/~brendan/pandavm-20151002.ova Notable changes: We fixed a record/replay bug that was preventing Debian Wheezy and above from replaying properly. Th...

Post has attachment
(Sys)Call Me Maybe: Exploring Malware Syscalls with PANDA
System calls are of great interest to researchers studying malware, because they are the only way that malware can have any effect on the world – writing files to the hard drive, manipulating the registry, sending network packets, and so on all must be done...

Post has attachment
One Weird Trick to Shrink Your PANDA Malware Logs by 84%
When I wrote about some of the lessons learned from P ANDA Malrec 's first 100 days of operation , one of the things I mentioned was that the storage requirements for the system were extremely high. In the four months since, the storage problem only got wor...

Post has attachment
PANDA VM Update April 2015
The PANDA virtual machine has been updated to the latest version of PANDA, which corresponds to commit ce866e1508719282b970da4d8a2222f29f959dcd . You can download it here: http://laredo-13.mit.edu/~brendan/pandavm-20150413.tar.bz2 Some notable changes: The ...
Wait while more posts are being loaded