ConVul: An Effective Tool for Detecting Concurrency Vulnerabilities
Thu 14 Nov 2019 12:10 - 12:20 at Cortez 1 - Concurrency Chair(s): Elena Sherman
Concurrency vulnerabilities are extremely harmful and can be frequently exploited to launch severe attacks. Due to the non-determinism of multithreaded executions, it is very difficult to detect them. Recently, data race detectors and techniques based on maximal casual model have been applied to detect concurrency vulnerabilities. However, the former are ineffective and the latter report many false negatives. In this paper, we present CONVUL, an effective tool for concurrency vulnerability detection. CONVUL is based on exchangeable events, and adopts novel algorithms to detect three major kinds of concurrency vulnerabilities. To illustrate the competitiveness of CONVUL, we performed a comparison with three widely-used data race detectors and one recent tool based on maximal casual model. In our experiments, CONVUL detected 9 of 10 known vulnerabilities and found 6 zero-day vulnerabilities on MySQL, while other tools only detected at most 3 out of these 16 vulnerabilities. Our tool and data are available at CONVUL web page: https://sites.google.com/site/convultool. A demonstration video is available at https://youtu.be/-26C6ULxtbk
Wed 13 Nov
10:00 - 10:40 Demonstration | TsmartGP: A Tool for Finding Memory Defects with Pointer Analysis Yuexing WangTsinghua University, Guang ChenTsinghua University, Min ZhouTsinghua University, Ming GuTsinghua University, Jiaguang SunTsinghua University | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | BuRRiTo: A Framework to Extract, Specify, Verify and Analyze Business Rules Pavan ChittimalliTCS Research, Kritika AnandTCS Research, Shrishti PradhanTCS Research, Sayandeep MitraTCS Research, Chandan PrakashTCS Research, Rohit ShereTCS Research, Ravindra NaikTCS Research, TRDDC, India | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | Lancer: Your Code Tell Me What You Need Shufan ZhouSchool of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Beijun ShenSchool of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Hao ZhongShanghai Jiao Tong University | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | TestCov: Robust Test-Suite Execution and Coverage Measurement Pre-print Media Attached File Attached | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | Prema: A Tool for Precise Requirements Editing, Modeling and Analysis Yihao HuangEast China Normal University, Jincao FengEast China Normal University, Hanyue ZhengEast China Normal University, Jiayi ZhuEast China Normal University, Shang WangEast China Normal University, Siyuan JiangEastern Michigan University, Weikai MiaoShanghai Key Lab for Trustworthy Computing, School of Computer Science and Software Engineering, East China Normal University, Geguang PuEast China Normal University&Shanghai Trusted Industrial Control Platform Co., Ltd | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | XRaSE: Towards Virtually Tangible Software using Augmented Reality Rohit MehraAccenture Labs, India, Vibhu Saujanya SharmaAccenture Labs, Vikrant KaulgudAccenture Labs, India, Sanjay PodderAccenture | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | MuSC: A Tool for Mutation Testing of Ethereum Smart Contract Zixin LiNanjing University, Haoran WuState Key Laboratory for Novel Software Technology, Nanjing University, Jiehui XuNanjing University, Xingya WangState Key Laboratory for Novel Software Technology, Nanjing University, Lingming ZhangThe University of Texas at Dallas, Zhenyu ChenNanjing University | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | VeriSmart 2.0: Swarm-Based Bug-Finding for Multi-Threaded Programs with Lazy-CSeq Bernd FischerStellenbosch University, Salvatore La TorreUniversità degli Studi di Salerno, Gennaro ParlatoUniversity of Molise | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | DeepMutation++: a Mutation Testing Framework for Deep Learning Systems Qiang HuKyushu University, Japan, Lei MaKyushu University, Xiaofei XieNanyang Technological University, Bing YuKyushu University, Japan, Yang LiuNanyang Technological University, Singapore, Jianjun ZhaoKyushu University | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | Manticore: A User-Friendly Symbolic Execution Framework for Binaries and Smart Contracts Mark MossbergTrail of Bits, Felipe ManzanoTrail of Bits, Eric HennenfentTrail of Bits, Alex GroceTrail of Bits, Gustavo GriecoTrail of Bits, Josselin FeistTrail of Bits, Trent BrunsonTrail of Bits, Artem DinaburgTrail of Bits Media Attached | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | ConVul: An Effective Tool for Detecting Concurrency Vulnerabilities Ruijie MengUniversity of Chinese Academy of Sciences, Biyun ZhuUniversity of Chinese Academy of Sciences, Hao YunUniversity of Chinese Academy of Sciences, Haicheng LiUniversity of Chinese Academy of Sciences, Yan CaiInstitute of Software, Chinese Academy of Sciences, Zijiang YangWestern Michigan University | |||||||||||||||||||||||||||||||||||||||||
10:00 - 10:40 Demonstration | mCUTE: A Model-level Concolic Unit Testing Engine for UML State Machines Reza AhmadiQueen's University, Karim JahedQueen's University, Juergen DingelQueen's University, Kingston, Ontario |
Thu 14 Nov
10:40 - 11:00 Talk | MAP-Coverage: a Novel Coverage Criterion for Testing Thread-Safe Classes Zan WangCollege of Intelligence and Computing, Tianjin University, Yingquan ZhaoCollege of Intelligence and Computing, Tianjin University, Shuang LiuCollege of Intelligence and Computing, Tianjin University, Jun SunSingapore Management University, Singapore, Xiang ChenSchool of Information Science and Technology, Nantong University, Huarui LinCollege of Intelligence and Computing, Tianjin University | |||||||||||||||||||||||||||||||||||||||||
11:00 - 11:20 Talk | Automating Non-Blocking Synchronization In Concurrent Data Abstractions Jiange ZhangUniversity of Colorado Colorado Springs, Qing YiUniversity of Colorado Colorado Springs, Damian DechevUniversity of Central Florida Pre-print | |||||||||||||||||||||||||||||||||||||||||
11:20 - 11:40 Talk | Automating CUDA Synchronization via Program Transformation Mingyuan WuSouthern University of Science and Technology, Lingming ZhangThe University of Texas at Dallas, Cong LiuEindhoven University of Technology, Shin Hwei TanSouthern University of Science and Technology, Yuqun ZhangSouthern University of Science and Technology | |||||||||||||||||||||||||||||||||||||||||
11:40 - 12:00 Talk | Efficient Transaction-Based Deterministic Replay for Multi-threaded Programs Ernest Bota PobeeCity University of Hong Kong, Xiupei MeiCity University of Hong Kong, Wing-Kwong ChanCity University of Hong Kong, Hong Kong | |||||||||||||||||||||||||||||||||||||||||
12:00 - 12:10 Demonstration | VeriSmart 2.0: Swarm-Based Bug-Finding for Multi-Threaded Programs with Lazy-CSeq Bernd FischerStellenbosch University, Salvatore La TorreUniversità degli Studi di Salerno, Gennaro ParlatoUniversity of Molise | |||||||||||||||||||||||||||||||||||||||||
12:10 - 12:20 Demonstration | ConVul: An Effective Tool for Detecting Concurrency Vulnerabilities Ruijie MengUniversity of Chinese Academy of Sciences, Biyun ZhuUniversity of Chinese Academy of Sciences, Hao YunUniversity of Chinese Academy of Sciences, Haicheng LiUniversity of Chinese Academy of Sciences, Yan CaiInstitute of Software, Chinese Academy of Sciences, Zijiang YangWestern Michigan University |