Posted 12:00:00 AM
Cyber Readings 001
Cyber Reading Group
Title: Fuzzing: The State of the Art
Date: Wednesday 31st May 2017
Time: 11:00am
Location: Robert Milner Room, Level 1 CSIT
Document: Download Paper Here
Contact: Shane Magrath shane.magrath@anu.edu.au
Background Notes: This is a general introduction to fuzzing as of 2012 and simply serves as a starting point to issues in vulnerability discovery using fuzzing. Fuzzing is a simple idea but made more sophisticated with notions of white-box fuzzing, generative fuzzers, grammar fuzzers, black-box mutational fuzzers and so on. An important fuzzer not covered in this paper is AFL which is state of the art if you have source code. We’ll talk about that. Our readings will get more technical from this point.
Cyber Spot
We will spend ten minutes covering Lockheed-Martin’s very useful model called the “Cyber Kill Chain”. It’s a conceptual framework that can help understand and organise thinking around what cyber operations and effects are, how an attacker thinks and operates and what a defender can do in terms of counter-measures.