Using Protocol Fuzzing to Harden Storage Systems and to Protect Them from 0-day attacks

Author(s)/Presenter(s):
Library Content Type:
Publish Date: 
Tuesday, September 20, 2011
Event Name: 
Focus Areas:
Abstract: 

Protocol fuzzing is a proactive method for discovering previously unknown flaws in software. Defects discovered through fuzzing, unless fixed, have a potential of exposing affected systems to Denial of Service (DoS) situations and Zero Day Attacks, which could increase liability, damage business reputation and cripple sales. This presentation explains how fuzzing can be used to harden interfaces of the modern storage system with hands-on examples of protocols such as SMB2 and NFSv4.

Learning Objectives

Fuzzing techniques: Random, Mutation, Generational
Applying protocol fuzzing to storage protocols
Integrating security testing and fuzzing into SDLC