SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS Drivers

SyzGen attempts to automate the generation of syscall specifications for closed-source macOS drivers and facilitate interface-aware fuzzing. We leverage two insights to overcome the challenges of binary analysis: (1) iterative refinement of syscall knowledge and (2) extraction and extrapolation of dependencies from a small number of execution traces.

Setup:
./setup.sh

Components:
kcov: Kernel module to provide coverage feedback
hook: Driver hook to collect logs

Citation:
Weiteng Chen, Yu Wang, Zheng Zhang, Zhiyun Qian. "SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS Drivers." Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS).