{"id":"https://openalex.org/W3212828841","doi":"https://doi.org/10.1145/3460120.3484564","title":"SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS Drivers","display_name":"SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS Drivers","publication_year":2021,"publication_date":"2021-11-12","ids":{"openalex":"https://openalex.org/W3212828841","doi":"https://doi.org/10.1145/3460120.3484564","mag":"3212828841"},"language":"en","primary_location":{"id":"doi:10.1145/3460120.3484564","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484564","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484564","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484564","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5018334224","display_name":"Weiteng Chen","orcid":null},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Weiteng Chen","raw_affiliation_strings":["University of California, Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5017851308","display_name":"Yu Wang","orcid":"https://orcid.org/0000-0001-7763-4261"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yu Wang","raw_affiliation_strings":["Didi Research America, Mountain View, CA, USA"],"affiliations":[{"raw_affiliation_string":"Didi Research America, Mountain View, CA, USA","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100459168","display_name":"Zheng Zhang","orcid":"https://orcid.org/0000-0003-1470-6998"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zheng Zhang","raw_affiliation_strings":["University of California, Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5022038961","display_name":"Zhiyun Qian","orcid":"https://orcid.org/0000-0003-1506-2522"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Zhiyun Qian","raw_affiliation_strings":["University of California, Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California, Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5018334224"],"corresponding_institution_ids":["https://openalex.org/I103635307"],"apc_list":null,"apc_paid":null,"fwci":2.3149,"has_fulltext":true,"cited_by_count":25,"citation_normalized_percentile":{"value":0.89404372,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"749","last_page":"763"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.8317687511444092},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8253499865531921},{"id":"https://openalex.org/keywords/codebase","display_name":"Codebase","score":0.7913081645965576},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5882348418235779},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.4479203522205353},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.44596022367477417},{"id":"https://openalex.org/keywords/kernel","display_name":"Kernel (algebra)","score":0.4227624833583832},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3255559206008911},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.2927321195602417},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2205430269241333},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.138231098651886},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.1308448612689972}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.8317687511444092},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8253499865531921},{"id":"https://openalex.org/C51929080","wikidata":"https://www.wikidata.org/wiki/Q2425187","display_name":"Codebase","level":3,"score":0.7913081645965576},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5882348418235779},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.4479203522205353},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.44596022367477417},{"id":"https://openalex.org/C74193536","wikidata":"https://www.wikidata.org/wiki/Q574844","display_name":"Kernel (algebra)","level":2,"score":0.4227624833583832},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3255559206008911},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.2927321195602417},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2205430269241333},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.138231098651886},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.1308448612689972},{"id":"https://openalex.org/C114614502","wikidata":"https://www.wikidata.org/wiki/Q76592","display_name":"Combinatorics","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3460120.3484564","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484564","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484564","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3460120.3484564","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3460120.3484564","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3484564","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6700000166893005}],"awards":[{"id":"https://openalex.org/G5124561427","display_name":null,"funder_award_id":"1652954","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3212828841.pdf","grobid_xml":"https://content.openalex.org/works/W3212828841.grobid-xml"},"referenced_works_count":21,"referenced_works":["https://openalex.org/W191489030","https://openalex.org/W2035890032","https://openalex.org/W2137530017","https://openalex.org/W2140839850","https://openalex.org/W2504609973","https://openalex.org/W2751862727","https://openalex.org/W2765363641","https://openalex.org/W2765435026","https://openalex.org/W2766711930","https://openalex.org/W2793974819","https://openalex.org/W2888922197","https://openalex.org/W2927543040","https://openalex.org/W2933883078","https://openalex.org/W2947814692","https://openalex.org/W2963846926","https://openalex.org/W3007127028","https://openalex.org/W3016185124","https://openalex.org/W3033117380","https://openalex.org/W3093824853","https://openalex.org/W3110223888","https://openalex.org/W4244413641"],"related_works":["https://openalex.org/W4387076678","https://openalex.org/W2981151599","https://openalex.org/W4210564700","https://openalex.org/W2344367508","https://openalex.org/W4390832982","https://openalex.org/W2571988079","https://openalex.org/W4294294414","https://openalex.org/W2620797757","https://openalex.org/W2962825342","https://openalex.org/W2098629748"],"abstract_inverted_index":{"Kernel":[0],"drivers":[1,81],"are":[2],"a":[3,13,68,111],"critical":[4],"part":[5],"of":[6,16,75,94,100,108,114],"the":[7,30,73,92],"attack":[8],"surface":[9],"since":[10],"they":[11],"constitute":[12],"large":[14],"fraction":[15],"kernel":[17],"codebase":[18],"and":[19,34,82,103,106,147],"oftentimes":[20],"lack":[21],"proper":[22],"vetting,":[23],"especially":[24],"for":[25,53,78],"those":[26],"closed-source":[27,79],"ones.":[28],"Unfortunately,":[29],"complex":[31],"input":[32],"structure":[33],"unknown":[35],"relationships/dependencies":[36],"among":[37],"interfaces":[38],"make":[39],"them":[40],"very":[41],"challenging":[42],"to":[43,56,71,90,135,144,150],"understand.":[44],"Thus,":[45],"security":[46],"analysts":[47],"primarily":[48],"rely":[49],"on":[50,121],"manual":[51],"audit":[52],"interface":[54],"recovery":[55],"generate":[57],"meaningful":[58],"fuzzing":[59],"test":[60],"cases.":[61],"In":[62],"this":[63],"paper,":[64],"we":[65],"present":[66],"SyzGen,":[67],"first":[69],"attempt":[70],"automate":[72],"generation":[74],"syscall":[76,101],"specifications":[77],"macOS":[80],"facilitate":[83],"interface-aware":[84],"fuzzing.":[85],"We":[86,117],"leverage":[87],"two":[88],"insights":[89],"overcome":[91],"challenges":[93],"binary":[95],"analysis:":[96],"(1)":[97],"iterative":[98],"refinement":[99],"knowledge":[102],"(2)":[104],"extraction":[105],"extrapolation":[107],"dependencies":[109],"from":[110],"small":[112],"number":[113],"execution":[115],"traces.":[116],"evaluated":[118],"our":[119],"approach":[120],"25":[122],"targets.":[123],"The":[124],"results":[125],"show":[126],"that":[127,140],"SyzGen":[128],"can":[129,142],"effectively":[130],"produce":[131],"high-quality":[132],"specifications,":[133],"leading":[134],"34":[136],"bugs,":[137],"including":[138],"one":[139],"attackers":[141],"exploit":[143],"escalate":[145],"privilege,":[146],"2":[148],"CVEs":[149],"date.":[151]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":9},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":4}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}