LAVA: Large-scale Automated Vulnerability Addition
Lead PI
- Brendan Dolan-Gavitt, New York University
Co-PIs
- Engin Kirda
- William Robertson
- Andrea Mambretti
- Patrick Hulin, Lincoln Laboratory
- Tim Leek, Lincoln Laboratory
- Ryan Whelan, Lincoln Laboratory
Abstract
Evaluating and improving bug-finding tools is currently difficult due to a shortage of ground-truth corpora (i.e., software that has known bugs with triggering inputs). LAVA attempts to solve this problem by automatically injecting bugs into software. Every LAVA bug is accompanied by an input that triggers it, whereas normal inputs are extremely unlikely to do so. These vulnerabilities are synthetic but, we argue, still realistic, in the sense that they are embedded deep within programs and are triggered by real inputs. Our work forms the basis of an approach for generating large ground-truth vulnerability corpora on demand, enabling rigorous tool evaluation and providing a high-quality target for tool developers.
LAVA is the product of a collaboration between MIT Lincoln Laboratory, NYU, and Northeastern University. For more information, visit the project’s GitHub homepage or see the publication below.
Funding
Assistant Secretary of Defense for Research & Engineering
Related Publications
- B. Dolan-Gavitt, P. Hulin, E. Kirda, T. Leek, A. Mambretti, W. Robertson, F. Ulrich and R. Whelan. LAVA: Large-scale Automated Vulnerability Addition. IEEE Symposium on Security and Privacy, San Jose, CA, USA, May 2016. DOI: 10.1109/SP.2016.15