MIPS Vulnerability Injection
6: Electrical Engineering and Computer Science
We need to integrate our vulnerability injection system with the OSS-Fuzz infrastructure (https://github.com/google/oss-fuzz/). OSS-Fuzz uses Docker containers that have their own version of LLVM installed to compile the applications and run libFuzzer. We want to change these containers to use our own version of LLVM (which is already published in a Docker container) and compile the target applications with our version of DataFlow Sanitizer. Because libFuzzer provides its own `main` function, which drives the application-provided entry point (http://llvm.org/docs/LibFuzzer.html#fuzz-target), we will have to write our own equivalent `main` function. Once this infrastructure has been set up, we will want an automated (and ideally distributed) way to run aikido on all applications supported by OSS-Fuzz, collect the results, and find places where our system fails to inject vulnerabilities.
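A sketch of the kind of replacement `main` described above, added here as an illustration and not taken from the project's code: it feeds each file named on the command line to the libFuzzer entry point `LLVMFuzzerTestOneInput`. The helper `run_file`, the counter `bytes_seen`, and the stand-in target body are assumptions made so the example builds without any other files.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in target so this file links without any other object.
 * In a real build this symbol comes from the OSS-Fuzz project's fuzz target
 * and this definition is dropped. bytes_seen is a hypothetical demo counter. */
static size_t bytes_seen = 0;
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
    (void)data;
    bytes_seen += size;
    return 0;
}

/* Read one input file and hand it to the target once.
 * Returns 0 on success, -1 if the file cannot be read. */
int run_file(const char *path) {
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    if (fseek(f, 0, SEEK_END) != 0) { fclose(f); return -1; }
    long len = ftell(f);
    if (len < 0) { fclose(f); return -1; }
    rewind(f);
    /* Exact-size heap copy: an out-of-bounds read in the target then lands
     * outside the allocation, where a sanitizer can report it. */
    uint8_t *buf = malloc(len > 0 ? (size_t)len : 1);
    if (!buf) { fclose(f); return -1; }
    size_t got = fread(buf, 1, (size_t)len, f);
    fclose(f);
    if (got != (size_t)len) { free(buf); return -1; }
    LLVMFuzzerTestOneInput(buf, got);
    free(buf);
    return 0;
}

/* Replacement for libFuzzer's main(): one target call per file argument. */
int main(int argc, char **argv) {
    int unreadable = 0;
    for (int i = 1; i < argc; i++) {
        if (run_file(argv[i]) != 0) {
            fprintf(stderr, "cannot read %s\n", argv[i]);
            unreadable++;
        }
    }
    printf("%d input(s) run, %d unreadable, %zu bytes delivered\n",
           argc - 1 - unreadable, unreadable, bytes_seen);
    return unreadable ? 1 : 0;
}
```

Unlike libFuzzer's own `main`, this driver performs no mutation or coverage feedback; it only replays existing inputs through the target.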
Interest in low-level computer security, the ability to understand the project description, and interest in the project.