POSTER: Seccomp profiling with Dynamic Analysis via ChatGPT-assisted Test Code Generation

Somin Song, Ashish Kundu, Byungchul Tak

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The effectiveness of Seccomp kernel feature depends on how tightly and accurately the necessary system calls are specified in the seccomp policy. Static code analysis may miss out or over-approximate required system calls. With dynamic analysis, it is difficult to cover all possible execution paths. In this work, we aim to advance the state-of-the-art dynamic analysis approach by enabling it to increase the coverage of the target application’s functionalities. Our approach takes as input the application’s online documentation and leverages ChatGPT to generate a large number of test codes for functionalities in the documentation. This automated process eliminates the barrier to manually writing a large number of test codes for conducting dynamic analysis. Through our preliminary evaluation, we confirmed that ChatGPT can be used effectively to automatically generate a large number of test codes. Also, we observed early evidence that the seccomp policy generated from running the test codes could be more sound than the ones generated by static analysis.

Original languageEnglish
Title of host publicationACM AsiaCCS 2024 - Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery, Inc
Pages1928-1930
Number of pages3
ISBN (Electronic)9798400704826
DOIs
StatePublished - 1 Jul 2024
Event19th ACM Asia Conference on Computer and Communications Security, AsiaCCS 2024 - Singapore, Singapore
Duration: 1 Jul 20245 Jul 2024

Publication series

NameACM AsiaCCS 2024 - Proceedings of the 19th ACM Asia Conference on Computer and Communications Security

Conference

Conference19th ACM Asia Conference on Computer and Communications Security, AsiaCCS 2024
Country/TerritorySingapore
CitySingapore
Period1/07/245/07/24

Keywords

  • ChatGPT
  • Dynamic analysis
  • Seccomp
  • Static analysis
  • Test code

Fingerprint

Dive into the research topics of 'POSTER: Seccomp profiling with Dynamic Analysis via ChatGPT-assisted Test Code Generation'. Together they form a unique fingerprint.

Cite this