Papers Papers/2022 Papers Papers/2022



Authors: Marcus Gelderie ; Valentin Barth ; Maximilian Luff and Julian Birami

Affiliation: Aalen University of Applied Sciences, Beethovenstraße 1, Aalen, Germany

Keyword(s): Fuzzing, Seccomp, Sandbox, Dynamic Analysis.

Abstract: Seccomp is an integral part of Linux sandboxes, but intimate knowledge of the required syscalls of a program are required. We present a fuzzer-based dynamic approach to auto-generate seccomp filters that permit only the required syscalls. In our model, a syscall is required, if any execution path leads to its invocation. Our implementation combines a symbolic execution step and a custom mutator to take command line flags into account and achieve a large coverage of the SUT. We provide an evaluation of our tool on popular command line tools and find up to 100% of the system calls found through manual analysis.


Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Gelderie, M.; Barth, V.; Luff, M. and Birami, J. (2022). Seccomp Filters from Fuzzing. In Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-590-6; ISSN 2184-7711, SciTePress, pages 507-512. DOI: 10.5220/0011145100003283

author={Marcus Gelderie. and Valentin Barth. and Maximilian Luff. and Julian Birami.},
title={Seccomp Filters from Fuzzing},
booktitle={Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT},


JO - Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT
TI - Seccomp Filters from Fuzzing
SN - 978-989-758-590-6
IS - 2184-7711
AU - Gelderie, M.
AU - Barth, V.
AU - Luff, M.
AU - Birami, J.
PY - 2022
SP - 507
EP - 512
DO - 10.5220/0011145100003283
PB - SciTePress