polito.it
Politecnico di Torino (logo)

Development of fuzzing methodologies for testing the resilience of the SATA protocol

Florin Sebastian Sanislav

Development of fuzzing methodologies for testing the resilience of the SATA protocol.

Rel. Paolo Bernardi. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2020

[img]
Preview
PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (2MB) | Preview
Abstract:

Communication between computing systems and storage device units, generally called Hard Drives, is one of the most important interfaces for in the IT world, and guaranteeing it's security has high priority. The main protocol in use today is known as the "ATA standard" and the focus of our work during this intership is to test its resilience through Fuzzing, an automated software testing technique that consists in providing unexpected, invalid, random data as input to the target system, and monitor its behaviour in search for anomalies such as bugs, crashes or potential security flaws. In our work we propose different types of Fuzzing schemes, mainly based on a client-server architecture using the Fuzzing framwork "Boofuzz" together with software developed by us. The systems we aim to target are not only phyisical hard disks but also virtual hard drives, tested under different virtualization softwares such as QEMU, VirtualBox and VMWare. This work is the continuation of what has been started during a previous semester project, developed by the students Mirabella Angelo and Sanislav Sebastian (author of this work) and supervised by Balzarotti Davide (also supervisor for this internship). Even though during the semester project some results were achieved, their understanding was not clear. In this internship we try to explore more these outcomes and to continue developing the designed methodologies.

Relatori: Paolo Bernardi
Anno accademico: 2019/20
Tipo di pubblicazione: Elettronica
Numero di pagine: 50
Soggetti:
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: Nuovo ordinamento > Laurea magistrale > LM-32 - INGEGNERIA INFORMATICA
Ente in cotutela: TELECOM ParisTech - EURECOM (FRANCIA)
Aziende collaboratrici: Eurecom
URI: http://webthesis.biblio.polito.it/id/eprint/14383
Modifica (riservato agli operatori) Modifica (riservato agli operatori)