Fuzzing OT Apps and Protocols

In this project, the focus is on enhancing the security of Operational Technology (OT) applications and communication protocols. The objective is to identify and address vulnerabilities that could potentially compromise critical OT systems. The key steps involved in the project are:

  • Recreation of Proof of Concepts (PoCs):

    Reconstruct and test known Proof of Concepts (PoCs) to understand the nature of existing threats and vulnerabilities in OT systems. Analyze how these PoCs exploit specific weaknesses and assess their impact on system operations.

  • Fuzzing Implementation:

    Utilize advanced fuzzing techniques to test OT applications and protocols extensively, simulating edge cases and malformed inputs to expose hidden vulnerabilities.

    • Combine different fuzzing strategies, such as mutation-based and generation-based fuzzing, to enhance test coverage and ensure thorough security assessment.
  • Threat Analysis and Vulnerability Research:

    Conduct a comprehensive threat analysis to identify potential attack vectors in OT environments, leveraging information flow analysis to trace how vulnerabilities could propagate within systems.

  • Information Flow Analysis:

    Integrate information flow analysis techniques to track data movement within OT applications, allowing the detection of unauthorized data flows that could signify exploitation attempts or misconfigurations.
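The "Fuzzing Implementation" item above describes combining mutation-based and generation-based fuzzing. The following is an added example written for this page, not code from the project, showing a small harness that does exactly that against a constructed toy frame parser. The protocol format (a magic byte, function code, length, payload and XOR checksum), the function names and the one planted parser defect are all assumptions made for the example; the point is how a generator seeds a corpus, how mutators derive malformed inputs from it, and how the harness separates graceful rejections (`ValueError`) from real findings (any other exception).

```python
"""Mutation + generation fuzzing harness for a constructed OT-style frame parser."""
import random
from collections import Counter

MAGIC = 0x7E                   # constructed value for this toy protocol
FUNCTIONS = (0x01, 0x03, 0x10)  # constructed set of accepted function codes


def checksum(data: bytes) -> int:
    """XOR of all bytes (toy integrity check, constructed for the example)."""
    c = 0
    for b in data:
        c ^= b
    return c


def parse_frame(data: bytes) -> dict:
    """Parse a constructed frame: MAGIC | func | len | payload[len] | xor-checksum.

    Raises ValueError for frames it rejects on purpose. It also carries one
    deliberately planted defect (constructed so the harness has something to
    find): the length field taken from the frame is used to index the buffer
    before the buffer size is verified, so a truncated frame raises IndexError.
    """
    if len(data) < 3 or data[0] != MAGIC:
        raise ValueError("bad header")
    func, length = data[1], data[2]
    if func not in FUNCTIONS:
        raise ValueError("unknown function code")
    payload = data[3:3 + length]
    expected = data[3 + length]          # planted defect: may read past the end
    if checksum(data[:3 + length]) != expected:
        raise ValueError("bad checksum")
    return {"func": func, "payload": payload}


def build_frame(rng: random.Random) -> bytes:
    """Generation-based: emit a structurally valid frame from the format grammar."""
    func = rng.choice(FUNCTIONS)
    payload = bytes(rng.randrange(256) for _ in range(rng.randrange(0, 20)))
    body = bytes([MAGIC, func, len(payload)]) + payload
    return body + bytes([checksum(body)])


def mutate(frame: bytes, rng: random.Random) -> bytes:
    """Mutation-based: apply one random edit to an existing frame."""
    buf = bytearray(frame)
    op = rng.randrange(4)
    if op == 0 and buf:                                   # flip one bit
        i = rng.randrange(len(buf))
        buf[i] ^= 1 << rng.randrange(8)
    elif op == 1 and buf:                                 # overwrite one byte
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 2 and len(buf) > 1:                        # truncate the tail
        del buf[rng.randrange(1, len(buf)):]
    else:                                                 # insert junk bytes
        i = rng.randrange(len(buf) + 1)
        buf[i:i] = bytes(rng.randrange(256) for _ in range(rng.randrange(1, 5)))
    return bytes(buf)


def classify(frame: bytes) -> str:
    """Run the target once; graceful rejections are expected, anything else is a finding."""
    try:
        parse_frame(frame)
        return "accepted"
    except ValueError:
        return "rejected"
    except Exception as exc:                              # crash signature for triage
        return f"crash:{type(exc).__name__}: {exc}"


def run_campaign(iterations: int = 2000, seed: int = 1) -> dict:
    """Combine both strategies; count outcomes and keep one sample input per crash signature."""
    rng = random.Random(seed)                             # seeded so runs are reproducible
    corpus = [build_frame(rng) for _ in range(8)]         # seed corpus from the generator
    outcomes = Counter()
    crashes = {}
    for _ in range(iterations):
        if rng.random() < 0.5:
            frame = build_frame(rng)                      # generation-based case
        else:
            frame = mutate(rng.choice(corpus), rng)       # mutation-based case
        result = classify(frame)
        if result.startswith("crash:"):
            outcomes["crash"] += 1
            crashes.setdefault(result[len("crash:"):], frame)
        else:
            outcomes[result] += 1
            if result == "accepted":
                corpus.append(frame)                      # valid inputs enrich the corpus
    return {"outcomes": dict(outcomes), "crashes": crashes}


if __name__ == "__main__":
    report = run_campaign()
    print(report["outcomes"])
    for sig, sample in report["crashes"].items():
        print(sig, sample.hex())
```

The harness treats `ValueError` as the parser's intended rejection path and everything else as a crash worth triaging, which is the distinction a real campaign against an OT protocol stack needs to make before counting findings. With the planted defect, the truncation and length-byte mutations surface an `IndexError` signature within a few hundred iterations; a hardened parser would bound-check `3 + length + 1 <= len(data)` before indexing and the same campaign would then report no crashes.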

Skills Applied:

  • Fuzzing: Implement various fuzzing tools and frameworks to identify vulnerabilities in OT protocols and applications.
  • Threat Analysis: Assess and categorize security threats based on severity, providing actionable insights for mitigation.
  • Information Flow Analysis: Track and analyze the flow of information to detect anomalies and potential security breaches.
  • Vulnerability Research: Investigate and document security flaws, contributing to the development of security patches and improvements for OT systems.

This project not only strengthens expertise in fuzzing and vulnerability research but also demonstrates the ability to protect critical infrastructure systems through proactive threat hunting and mitigation strategies.

Sanoop Mallissery, Ph.D.

Lecturer

School of Information Technology

My research interests include advancing dependable systems security, privacy preservation, and cybersecurity in Operational Technology (OT) and Industrial Control Systems (ICS).