Detecting applications vulnerabilities using remote procedure calls

Lukas Jokubauskas 1, Jevgenijus Toldinas 1 and Borisas Lozinskis 1

1 Kaunas University of Technology, Studentų street 50, LT-51368 Kaunas, Lithuania

Abstract
Computer software often comprises multiple components, such as a frontend application and a backend database, which need to exchange information. Many modern desktop applications also follow the design of web software and have separate frontend and backend processes. Inter-process communication mechanisms or third-party frameworks provided by the operating system are used for communication between processes. Improperly implemented remote procedure calls can lead to code vulnerabilities that can be exploited for malicious purposes. In this paper, we present a novel method for detecting application vulnerabilities using the remote procedure call approach, namely Detecting Applications Vulnerabilities using Google Remote Procedure Call (DAVuGRPC), that aims to utilize statically created taint and its dynamic fuzzification during the execution of the application.

Keywords
Vulnerability detection, dynamic analysis, taint dataset, RPC, gRPC

IVUS 2022: 27th International Conference on Information Technology, May 12, 2022, Kaunas, Lithuania. © 2022 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). CEUR Workshop Proceedings (CEUR-WS.org), ISSN 1613-0073.

1. Introduction

A software vulnerability can be defined as a defect, weakness, or simply an error in an application that can be exploited by an attacker to change the system's regular behavior [1]. Because the quantity of software systems and applications is growing, so is the number of vulnerabilities. There are various application vulnerabilities: injection, cross-site scripting, broken authentication and session management, format string, insecure direct object reference, and many others [2]. In the software industry, vulnerability identification and remediation have been a core and vital operation. Hackers can take advantage of undetected flaws and wreak significant damage to people [3]. While program analysis tools exist, they often only discover a small subset of probable errors based on predefined rules. With the widespread availability of open-source repositories, data-driven methodologies for discovering vulnerability trends have become possible [4].

The techniques for finding application vulnerabilities are classified into two main categories: static analysis and dynamic analysis [5]. Static application analysis entails methods for inspecting source code or compiled binary without running it. Dynamic analysis is studying an application while it is running, with the use of a debugger or other techniques, such as [1]:
• Fault injection is a testing approach that introduces problems to an application to test its behavior. To generate the possible faults, some knowledge of the application is required.
• Fuzzing testing involves feeding the application with random data to see if it can handle it correctly.
• Dynamic taint – during the execution of the application, the tainted data is monitored to determine its appropriate validation before accessing sensitive functions.
• Sanitization is a method of avoiding vulnerabilities caused by using user-supplied data by implementing newly included functions or custom routines whose main objective is to evaluate or sanitize any input from users before using it inside an application.

Most of the time, cyber security specialists do not have access to the source code of the applications they are testing. As a result, cyber security specialists aim to automate some tasks using dynamic methodologies. The power of these strategies resides in the fact that the number of false positives is low, and the precision is extremely high [6].

The methods offered by operating systems that allow processes to handle shared data or interact are referred to as inter-process communication (IPC) [7]. IPC is a set of methods for communicating between two processes that may or may not be on the same machine. Remote procedure call (RPC) methods are widely used in systems because they lower system complexity and development costs. The primary purpose of an RPC is to make remote procedure calls transparent to users, allowing them to make remote procedure calls in the same way that they would make local procedure calls [9].

In this paper, we present a novel method for detecting application vulnerabilities using the remote procedure call approach, namely Detecting Applications Vulnerabilities using Google Remote Procedure Call (DAVuGRPC), that aims to utilize statically created taint and its dynamic use during the execution of the application. For that purpose, we employ the fuzzification technique for the tainted dataset.

The rest of the paper is organized as follows. The second section discusses the related works. The third section overviews application programming interfaces. The fourth section describes the gRPC payload. The fifth section presents the proposed application's vulnerabilities detection method using gRPC. The evaluation framework and experimental setup are presented in section six. The seventh section presents experimental results. The last section concludes the paper with a discussion of future work.

2. Related work

Fuzzing is a popular and successful method for detecting security flaws in software, in which a system is tested by processing test cases generated by another program in a continuous loop. Simultaneously, the system is monitored for any errors that may have been disclosed as a result of processing this data. Fuzzing strategies are classified into three groups based on the role: sample generation techniques, dynamic analysis approaches, and static analysis techniques [11]. Random mutation, grammatical representation, and scheduling algorithms are three types of sample generation approach that are used to choose and mutate seeds as well as restrict and generate new samples. To assist in the generation of the new sample, dynamic analysis techniques are employed to acquire dynamic information on the running application. Symbolic expressions, the executed path, taint information on the sample, and codes are all included in this data. Control flow analysis and data flow slices are examples of static analysis. Although static analysis frequently yields false-positive results, it can be used in conjunction with other methods to get useful pretreatment data.

In [12], the authors proposed a system that combines machine learning and bandit-based optimization with state-of-the-art grey-box fuzzing approaches. The authors show significant improvements over numerous state-of-the-art grey-box fuzzers, such as AFL, FidgetyAFL, and the recently released FairFuzz. Thompson Sampling was used to learn adaptive distributions over mutation operators.

The first concolic execution-based smart fuzzing method for detecting heap-based buffer overflow in executables was provided in [13]. The suggested fuzzer runs the binary program and determines the path and vulnerability restrictions for the executed path symbolically. It combines the constraints to generate test data that traverses the execution path and detects any flaws. The fuzzer removes each path constraint one at a time and solves the resulting constraints to generate test data that follows novel execution paths. The suggested approach propagates the tainted data through direct assignment and arithmetic operations.

In [7], the authors proposed a new fuzzing solution to discover inter-process communication bugs without source code, by combining static analysis and dynamic analysis. Static analysis is used to recognize format checks and help construct inter-process communication messages of valid formats. Dynamic analysis is used to infer the constraints between inter-process communication messages and model the stateful logic with a probability matrix. This makes it possible to generate high-quality inter-process communication messages to test services and discover deep and complex bugs.

In [8], the authors presented the first greybox fuzzer for protocol implementations. Unlike existing protocol fuzzers, the solution takes a mutational approach and uses state feedback to guide the fuzzing process. It acts as a client and replays variations of the original sequence of messages sent to the server and retains those variations that were effective at increasing the coverage of the code or state space. A significant performance boost was demonstrated over the state-of-the-art.

Another similar solution [11] was suggested to perform stateful communication protocol fuzzing. The approach contains a state switching engine with a multi-state fork server to consistently and flexibly fuzz different states of a compiler-instrumented protocol program. The solution was implemented by using a state-of-the-art grey-box AFL fuzzer. Experimental results showed that the solution achieved two times more unique crashes when compared to only fuzzing the first packet during the protocol communication.

Inter-Process Communication (IPC) refers to a variety of approaches for one-way or two-way data transmission between threads in one or more processes that can run on a single computer or multiple computers connected by a network [14], [15]. Message passing, synchronization, shared memory, and remote procedure calls (RPC) are some of the IPC approaches that can be divided into groups based on how they communicate: shared memory and message passing [16]. The authors in [17] introduced direct IPC (dIPC) to marry the isolation of processes with the performance of synchronous function calls because IPC imposes overheads on a variety of different environments. Threads in one process can call a function on another process, offering the same performance as if the two processes were a single composite application, but without jeopardizing their isolation.

3. Application programming interfaces

Application Programming Interfaces (APIs) are software intermediaries that define certain rules and determinations for applications to interact and communicate with one another. An API is in charge of delivering a user's response to a system, which is then returned to the user by the system. Representational State Transfer (REST), RPC, and query language for APIs (GraphQL) are the three basic models for creating APIs [18]. The response from the back-end data is delivered to the clients (or users) through the JSON or XML communications format when using REST APIs. The HTTP protocol is commonly used in this architectural style.

The acronym gRPC [20] stands for Google Remote Procedure Call, and it is an RPC-based variation. This technology is based on an HTTP 2.0 RPC API implementation, but HTTP is not presented to the API developer or the server. As a result, there's no need to worry about how RPC principles are mapped to HTTP, which simplifies things. The goal of gRPC is to speed up data transmission between microservices. It is based on the concept of selecting a service, then establishing methods and parameters to allow for remote calling and return types. It also describes the RPC API paradigm in an interface description language (IDL), which makes determining remote operations easier. Protocol Buffers (Protobuf) are used by default in the IDL to describe the service interface as well as the structure of payload messages. gRPC can handle four types of interactions:
• Unary – when the client makes a single request and gets a single answer.
• Server streaming – in response to a client's request, the server sends a stream of messages. When all of the data has been transmitted, the server sends a status message to conclude the operation.
• Client streaming – the client delivers a stream of messages to the server, which responds with a single message.
• Bidirectional streaming – the client and server streams are autonomous, which means they can send messages in any sequence. Bidirectional streaming is started and stopped by the client.

gRPC is a great choice for multi-language systems, real-time streaming, and IoT systems that require light-weight message transfer, such as serialized Protobuf messages. Furthermore, gRPC should be considered for mobile apps because it does not require the use of a browser and can profit from fewer messages, preserving the speed of mobile processors [19].

4. gRPC payload data structure

By default, gRPC serializes payload data using Protobuf. Protocol buffers are a language-independent, platform-independent, and flexible framework for serializing structured data in a forward and backward compatible manner. It's similar to JSON but smaller and faster, plus it creates native language bindings.
Protocol buffers are made up of the definition language (in .proto files), the code generated by the proto compiler to interact with data, language-specific runtime libraries, and the serialization format for data written to a file (or sent across a network connection) [21]. Protocol buffer messages and services are described by engineer-authored .proto files. You can define whether a field is optional, repeated (proto2 and proto3), or single when defining .proto files (proto3). Setting a field to required is not an option in proto3, and it is strongly discouraged in proto2 [22].

5. Detecting application vulnerabilities using gRPC

The stages of processing and interpreting network traffic packets are depicted in Figure 1. A general framework for detecting application vulnerabilities using gRPC is shown in Figure 2.

There are two basic messaging strategies: changing the values of one field or all fields in one loop. There is also the situation where a message field's value is fixed and cannot be modified. Both preceding solutions can be used in this scenario, but only if the required fields are left intact (see Figure 2). In the settings, you can define the messaging technique you want to employ.

Figure 1: The stages of processing and interpreting network traffic packets

The premise remains the same for both change techniques when it comes to field modifications. The numeric message fields are modified by altering the values in the message using fuzzy logic.

Figure 2: A general framework for detecting application vulnerabilities using gRPC

The range of substituted values for numeric fields is divided into value types and ranges (see Table 1).

Table 1: The range of substituted values for numeric fields

| Value type | The smallest possible value | The largest possible value |
|---|---|---|
| bool | 0 | 1 |
| string | min length = null | max length = 2^32 |
| int32, sint32, sfixed32 | -2147483648 | 2147483647 |
| uint32, fixed32 | 0 | 4294967295 |
| int64, sint64, sfixed64 | -9223372036854775808 | 9223372036854775807 |
| uint64, fixed64 | 0 | 18446744073709551615 |
| float | 1.175494351E-38 | 3.402823466E+38 |
| double | 2.2250738585072014E-308 | 1.7976931348623158E+308 |

The method for detecting vulnerabilities in applications using gRPC starts with scanning the initial remote procedure messages (see Figure 3). The proposed method will accept data that can be retrieved using the Tcpdump or Wireshark network packet analyzer from .pcap or .pcapng files. The proposed method accepts Protobuf .proto files, which are used to filter out unnecessary messages and send messages to the application under test. Because protobuf messages are utilized in the gRPC remote procedure call framework, which is based on the HTTP/2 protocol [23], protobuf messages must be requested in all HTTP/2 protocol requests. After reviewing the contents of the HTTP/2 request, it is determined whether this message is intended for at least one of the services described in the .proto files of the tested software. The data is saved if the message has a service match. If no match is detected, the algorithm repeats the process with a new HTTP/2 request. Protobuf messages in binary format are extracted from these queries, which were constructed using the protocol buffer's interface description language [22].

Figure 3: Packet scanning process for extracting remote procedure messages

After all remote procedure calls, message structures, and data types are saved to the database, the process of detecting application vulnerabilities using gRPC starts. The process of the proposed method is depicted in Figure 4.

When vulnerability detection starts, the .proto file, message structures, and data types are uploaded from the database. The execution monitoring procedure and the application under test are both started. The gRPC message creator uses fuzzy logic to change the values of the message data according to the types and possible values given in Table 1.

Figure 4: The process of proposed method for detecting application vulnerabilities using gRPC

The message with the highest expected number of message change cycles is chosen in the first iteration, and changed values of the message data are constructed based on it. The messages are created in subsequent cycles depending on the execution progress and the tested application's replies to the sent gRPC messages. The received response is sent for further analysis. The application is being tested if it is still running or if no reply is received. Verification of the tested application progress is sent to the report generating procedure. A new test iteration is started after the gRPC message generating process receives the execution status and response data from the application under test. When the application activity monitoring process detects a fault in the tested application (no response), the crash report process collects all relevant fault data and saves the application crash report.

The user can see the terminal interface after configuring and running the DAVuGRPC tool, which displays three main blocks: information on the time and duration of the test process, the overall results of the test process, and the current progress of the test process.

6. Evaluation framework and experimental setup

A general framework for evaluation of the proposed method for detecting application vulnerabilities using gRPC is depicted in Figure 5.
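Returning to the "one field per loop" substitution of Section 5, here is an added worked example (not the DAVuGRPC tool's code, which the paper does not show): it strips the gRPC length prefix from a captured request, walks the Protobuf wire format, and replaces each numeric field in turn with the smallest and largest value from Table 1. The `Req` message, its field names, the `fixed` parameter and the sample bytes are constructed for illustration; string fields are passed through unchanged.

```python
import struct

# Table 1 substitution bounds per declared Protobuf scalar type: (smallest, largest).
I32, U32 = (-2**31, 2**31 - 1), (0, 2**32 - 1)
I64, U64 = (-2**63, 2**63 - 1), (0, 2**64 - 1)
BOUNDS = {
    "bool": (0, 1), "int32": I32, "sint32": I32, "sfixed32": I32,
    "uint32": U32, "fixed32": U32, "int64": I64, "sint64": I64, "sfixed64": I64,
    "uint64": U64, "fixed64": U64,
    "float": (1.175494351e-38, 3.402823466e38),
    "double": (2.2250738585072014e-308, 1.7976931348623158e308),
}
# Fixed-width types: (struct format, wire type). All other BOUNDS types are varints (wire type 0).
FIXED = {"fixed32": ("<I", 5), "sfixed32": ("<i", 5), "float": ("<f", 5),
         "fixed64": ("<Q", 1), "sfixed64": ("<q", 1), "double": ("<d", 1)}

def encode_varint(n):
    n &= (1 << 64) - 1  # negative int32/int64 travel as 64-bit two's complement
    out = bytearray()
    while n > 0x7F:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    out.append(n)
    return bytes(out)

def decode_varint(buf, pos):
    result = shift = 0
    while True:
        if pos >= len(buf) or shift > 63:
            raise ValueError("truncated or overlong varint")
        byte = buf[pos]
        result |= (byte & 0x7F) << shift
        pos, shift = pos + 1, shift + 7
        if not byte & 0x80:
            return result, pos

def encode_value(ptype, value):
    if ptype in FIXED:
        return struct.pack(FIXED[ptype][0], value)
    if ptype in ("sint32", "sint64"):
        value = (value << 1) ^ (value >> 63)  # ZigZag encoding
    return encode_varint(value)

def grpc_unframe(frame):
    """Strip gRPC's 5-byte prefix: compressed flag (1 byte) + big-endian length (4 bytes)."""
    if len(frame) < 5:
        raise ValueError("short gRPC frame")
    compressed, length = struct.unpack(">BI", frame[:5])
    if compressed:
        raise ValueError("compressed gRPC message: not handled")
    if length != len(frame) - 5:
        raise ValueError("length prefix does not match payload")
    return frame[5:]

def parse_fields(message):
    """Split a serialized message into (field_number, wire_type, raw_value) triples."""
    fields, pos = [], 0
    while pos < len(message):
        tag, pos = decode_varint(message, pos)
        start, wt = pos, tag & 7
        if wt == 0:
            _, pos = decode_varint(message, pos)
        elif wt in (1, 5):
            pos += 8 if wt == 1 else 4
        elif wt == 2:  # length-delimited: string, bytes, nested message
            size, pos = decode_varint(message, pos)
            pos += size
        else:
            raise ValueError(f"unsupported wire type {wt}")
        if pos > len(message):
            raise ValueError("truncated field")
        fields.append((tag >> 3, wt, message[start:pos]))
    return fields

def mutate_one_field(frame, schema, fixed=frozenset()):
    """'One field per message' strategy: for each numeric field that is not marked
    fixed, build one frame with the smallest and one with the largest value."""
    fields = parse_fields(grpc_unframe(frame))
    mutated = []
    for i, (num, wt, _) in enumerate(fields):
        ptype = schema.get(num)
        if ptype not in BOUNDS or num in fixed or wt != (FIXED[ptype][1] if ptype in FIXED else 0):
            continue  # strings, nested messages, fixed fields, schema mismatches
        for bound in BOUNDS[ptype]:
            payload = b"".join(
                encode_varint(n << 3 | w) + (encode_value(ptype, bound) if j == i else raw)
                for j, (n, w, raw) in enumerate(fields))
            mutated.append((num, ptype, bound, struct.pack(">BI", 0, len(payload)) + payload))
    return mutated

# Constructed sample: one captured unary request for a hypothetical message
#   message Req { int32 id = 1; string name = 2; fixed32 port = 3; double ratio = 4; }
# holding id=150, name="abc", port=7, ratio=1.5.
SCHEMA = {1: "int32", 2: "string", 3: "fixed32", 4: "double"}
SAMPLE = bytes.fromhex("0000000016" "089601" "1203616263" "1d07000000" "21000000000000f83f")
```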
Figure 5: A general framework for evaluation of the proposed method

The Frida dynamic analysis library is used to track the execution of the application under test. To use the library programming interface in the Go programming language, we use the frida-go library, which allows us to use the Frida library's needed functions. The Frida library inserts additional code during execution that permits JavaScript to be performed after enabling the application under test execution. These scripts have full access to the memory of the application under test and can also change how functions are executed.

When a method in the application under test is called in the DAVuGRPC tool, the script begins to capture blocks of executed method instructions. The Frida library's Interceptor and Stalker development API were used to do this. The completed instruction blocks are transmitted to the DAVuGRPC tool at the end of the method of the application under test. In addition to this information, the execution time of the method of the application under test is recorded. Data from the application under test is sent using the Frida library's P2P Dbus communication channel, which allows data to be exchanged between the DAVuGRPC tool and the script code in the application under test. This P2P Dbus channel is also used when JavaScript scripting methods are invoked. The structure of the DAVuGRPC tool is represented in Figure 6.

Figure 6: The structure of DAVuGRPC tool

7. Experimental results

Our experiments are performed using an AMD Ryzen 5 2600 processor with six physical and twelve logical cores @ 3.40 GHz; 16 GB RAM; Windows 10 Pro 64 bits OS.

For the experimental investigation, a testing platform was created with applications written in C++ that use gRPC. Twenty-three remote procedures have been implemented: ten procedures (Proc0 – Proc9) have various types of buffer overflow and null-pointer dereference vulnerabilities, and thirteen are without any vulnerability. The proposed method was compared with the proto-fuzzer and WinAFL with libprotobuf-mutator library solutions (Table 2).

Table 2: Comparison of the DAVuGRPC tool
Results are given as No. of sent messages / Detection time in sec.

| Procedures | DAVuGRPC | proto-fuzzer | WinAFL |
|---|---|---|---|
| Proc0 | 5/5 | 10/2 | 665000/- |
| Proc1 | 4/6 | 3/2 | 3737/28 |
| Proc2 | 2/4 | 7/3 | 1357/5 |
| Proc3 | 3/5 | 8/2 | 5043/78 |
| Proc4 | 5/4 | 4/2 | 4983/11 |
| Proc5 | 6/5 | 10/2 | 649000/- |
| Proc6 | 7/5 | 2/2 | 962/3 |
| Proc7 | 7/5 | 34/3 | 10900/67 |
| Proc8 | 16/6 | -/- | -/- |
| Proc9 | -/- | -/- | -/- |

Based on the results, we can evaluate that the proposed method detects stack-based, heap-based, and null-pointer dereference vulnerabilities in a short time while sending a small number of gRPC messages.

8. Conclusion

The goal of gRPC is to speed up data transmission between microservices. It also describes the RPC API paradigm in an interface description language (IDL), which makes determining remote operations easier. The main results of this paper are as follows:
• gRPC could be successfully used in applications vulnerabilities detection.
• Dynamic application testing outperforms static methods because of a low number of false positives and extremely high precision.
• Fuzzing is the most acceptable method since it is the most universal and combines the best sides of static and dynamic testing.
• To increase efficiency, the method uses code-coverage feedback to prioritize complex remote procedure messages. This is achieved by using the Frida dynamic analysis library.
• The proposed applications vulnerabilities detection method using remote procedure calls and the realized DAVuGRPC tool show acceptable results for stack-based, heap-based buffer overflow and null-pointer dereference vulnerabilities, in a short time and with a small number of gRPC messages sent.
• The proposed method found 11 out of 12 vulnerabilities. The method has lower performance than the proto-fuzzer solution; however, it sends fewer messages over the testing process.

Future work will be as follows:
• Add nested messages value fuzzing.
• Implement complex fuzzification logic with recognition of dependencies between the same values in the messages.
• Add additional dynamic instrumentation framework support since the current Frida implementation is unstable.
• Add compressed gRPC messages support.

9. References

[1] W. Jimenez, A. Mammar and A. Cavalli, “Software Vulnerabilities, Prevention and Detection Methods: A Review”, July 2010. PenTest Magazine [Online]. URL: http://www-lor.int-evry.fr/~anna/files/sec-mda09.pdf
[2] S. Garg, R. K. Singh and A. K. Mohapatra, “Analysis of software vulnerability classification based on different technical parameters”, 2019. Information Security Journal: A Global Perspective, 28:1-2, pp. 1-19. doi:10.1080/19393555.2019.1628325
[3] J. Fan, Yi. Li, S. Wang, and T. N. Nguyen, “A C/C++ Code Vulnerability Dataset with Code Changes and CVE Summaries”, 2020. Proceedings of the 17th International Conference on Mining Software Repositories. Association for Computing Machinery, New York, NY, USA, pp. 508–512. doi:10.1145/3379597.3387501
[4] R. L. Russell, L. Y. Kim, L. H. Hamilton, T. Lazovich, J. A. Harer, O. Ozdemir, P. M. Ellingwood and M. W. McConley, “Automated Vulnerability Detection in Source Code Using Deep Representation Learning”, 2018. 17th IEEE International Conference on Machine Learning and Applications (ICMLA’2018), pp. 757-762. doi:10.1109/ICMLA.2018.00120
[5] J. Fell, “A Review of Fuzzing Tools and Methods”, March 10, 2017. PenTest Magazine [Online]. URL: https://wcventure.github.io/FuzzingPaper/Paper/2017_review.pdf
[6] O. Zaazaa and H. El Bakkali, "Dynamic vulnerability detection approaches and tools: State of the Art," 2020 Fourth International Conference On Intelligent Computing in Data Sciences (ICDS), 2020, pp. 1-6. doi:10.1109/ICDS50568.2020.9268686
[7] K. Yang, H. Zhao, C. Zhang, J. Zhuge and H. Duan, "Fuzzing IPC with Knowledge Inference," 2019 38th Symposium on Reliable Distributed Systems (SRDS), 2019, 11-1109. doi:10.1109/SRDS47363.2019.00012
[8] V.-T. Pham, M. Bohme, and A. Roychoudhury, “AFLNET: A Greybox Fuzzer for Network Protocols,” in 2020 IEEE 13th International Conference on Software Testing, Validation and Verification (ICST), Porto, Portugal, Oct. 2020, p. 460–465. doi:10.1109/ICST46399.2020.00062
[9] H. Bagci, and A. Kara, “A Lightweight and High Performance Remote Procedure Call Framework for Cross Platform Communication”, 2016. In Proceedings of the 11th International Joint Conference on Software Technologies - ICSOFT-EA, (ICSOFT 2016), ISBN 978-989-758-194-6, p. 117-124. doi:10.5220/0005931201170124
[10] T. Hussain, S. Satyaveer, and M. Seth, “A Comparative Study of Software Testing Techniques Viz. White Box Testing Black Box Testing and Grey Box Testing.” IJAPRR International Peer Reviewed Refereed Journal, Vol. II, Issue V, 2015.
[11] C. Chen, C. Baojiang, M. Jinxin, W. Runpu, G. Jianchao and L. Wenqian, "A systematic review of fuzzing techniques", 2018. Computers & Security, Volume 75, pp. 118-137, ISSN 0167-4048. doi:10.1016/j.cose.2018.02.002
[12] S. Karamcheti, G. Mann and D. Rosenberg,
Some Middleware Technologies” 2020. International Journal of Modern Education & Computer Science. Vol. 12 Issue 2, pp. 36-52. doi:10.5815/ijmecs.2020.02.05
[17] L. Vilanova, M. Jordà, N. Navarro, Y. Etsion, and M. Valero, “Direct Inter-Process Communication (dIPC): Repurposing the CODOMs Architecture to Accelerate IPC”, 2017. In Proceedings of the Twelfth European Conference on Computer Systems (EuroSys '17). Association for Computing Machinery, New York, NY, USA, pp. 16–31. doi:10.1145/3064176.3064197
[18] N. Koutroumpouchos, G. Lavdanis, E. Veroni, C. Ntantogian, and C. Xenakis, “ObjectMap: detecting insecure object deserialization”, 2019. In Proceedings of the 23rd Pan-Hellenic Conference on Informatics (PCI '19). Association for Computing Machinery, New York, NY, USA, pp. 67–72. doi:10.1145/3368640.3368680
[19] M. Berga, A.
S a nt os, “ g R P C vs R E S T: “ A d a pti v e Gr e y -B o x F u z z -T esti n g wit h c o m p ari n g A PIs ar c hit e ct ur al st yl es ” J u n e T h o m ps o n S a m pli n g ” 2 0 1 8 I n Pr o c e e di n gs 0 3, 2 0 2 1. I m a gi n ar y Cl o u d [ O n li n e]. U R L : of t h e 1 1t h A C M W or ks h o p o n Artifi ci al htt ps:// w w w.i m a gi n ar y cl o u d. c o m/ bl o g/ g R P I nt elli g e n c e a n d S e c urit y ( AI S e c ' 1 8). C -vs -r est/ Ass o ci ati o n f or C o m p uti n g M a c hi n er y, N e w [ 2 0] g R P C a hi g h p erf or m a n c e, o p e n s o ur c e Y or k, N Y, U S A, p p. 3 7 – 4 7. u ni v ers al R P C fr a m e w or k. [ O nli n e]. U R L : d oi: 1 0. 1 1 4 5/ 3 2 7 0 1 0 1. 3 2 7 0 1 0 8 htt ps:// g R P C .i o/ [ 1 3] M. M o u z ar a ni, B. S a d e g hi y a n a n d M. [ 2 1] Pr ot o c ol B uff ers O v er vi e w. [ O nli n e]. U R L : Z olf a g h ari, " A S m art F u z zi n g M et h o d f or htt ps:// d e v el o p ers. g o o gl e. c o m/ pr ot o c ol - D et e cti n g H e a p -B as e d B uff er O v erfl o w i n b uff ers/ d o cs/ o v er vi e w E x e c ut a bl e C o d es, " 2 0 1 5 I E E E 2 1st P a cifi c [ 2 2] Pr ot o c ol B uff ers L a n g u a g e G ui d e. [ O nli n e]. Ri m I nt er n ati o n al S y m p osi u m on URL : D e p e n d a bl e C o m p uti n g ( P R D C), 2 0 1 5, p p. htt ps:// d e v el o p ers. g o o gl e. c o m/ pr ot o c ol - 4 2 -4 9. d oi: 1 0. 1 1 0 9/ P R D C. 2 0 1 5. 1 0 b uff ers/ d o cs/ pr ot o #s p e cif yi n g -r ul es [ 1 4] Z. S p as o v, D. B o g d a n o v a, a n d M. S k o pj e, [ 2 3] I nt er n et E n gi n e eri n g T as k F or c e, H y p ert e xt “I nt er -Pr o c ess C o m m u ni c ati o n, A n al ysis, Tr a nsf er Pr ot o c ol V ersi o n 2 ( H T T P/ 2). G ui d eli n es A n d Its I m p a ct O n C o m p ut er [ O nli n e]. URL : S e c urit y ” 2 0 1 0 T h e 7t h I nt er n ati o n al htt ps:// d at atr a c k er.i etf. 
or g/ d o c/ ht ml/rf c 7 5 4 0 C o nf er e n c e f or I nf or m ati cs a n d I nf or m ati o n T e c h n ol o g y ( CII T 2 0 1 0). I nstit ut e of I nf or m ati cs. URL : htt p:// ciit.fi n ki. u ki m. m k/ d at a/ p a p ers/ 7 Cii T/ 7 Cii T -1 1. p df [ 1 5] N. C. Will, T. H ei nri c h, A. B. Vi es ci ns ki a n d C. A. M a zi er o, " Tr ust e d I nt er -Pr o c ess C o m m u ni c ati o n Usi n g H ar d w ar e E n cl a v es," 2021 IEEE I nt er n ati o n al S yst e ms C o nf er e n c e ( S ys C o n), 2 0 2 1, p p. 1 -7. d oi: 1 0. 1 1 0 9/ S ys C o n 4 8 6 2 8. 2 0 2 1. 9 4 4 7 0 6 6 [ 1 6] D. H a m e d, “I nt er -Pr o c ess C o m m u ni c ati o n (I P C) i n Distri b ut e d E n vir o n m e nts: A n I n v esti g ati o n a n d P erf or m a n c e A n al ysis of