• DocumentCode
    1999219
  • Title

    A Distributed Multi-Target Software Vulnerability Discovery and Analysis Infrastructure for Smart Phones

  • Author

    Krishnan, S.P.T. ; Hao, Lee Wang ; Sathya, S.A. ; Devi, Lavany

  • Author_Institution
    Inst. for Infocomm Res., Singapore, Singapore
  • fYear
    2010
  • fDate
    6-10 Dec. 2010
  • Firstpage
    1
  • Lastpage
    5
  • Abstract
    Smart phones of today have increasingly sophisticated software. As the feature set grows further, the probability of system security related defects is likely to increase as well. Today, the security of mobile platforms and applications comes under great scrutiny as they are getting widely adopted. It is therefore crucial that code for mobile devices gets well tested and security bugs eliminated where possible. A popular and effective testing technique to identify severe security bugs in source code is fuzz testing. However, it is extremely time consuming to generate randomized inputs and test them on each version of the mobile phone and its software. This paper presents MAFIA (Multi-target Automated Fuzzing Infrastructure and Arsenal), a composite, distributed client-server fuzz testing infrastructure for software applications and libraries in virtually any smartphone platform. The set of tools in MAFIA is file-format agnostic and can be used across various applications & libraries. With MAFIA, we conducted a large number of tests against image-handling libraries and logged more than 13,000 mutated inputs that successfully crash several Symbian OS retail phone models. The system is scalable and can be easily extended to be used on new devices and operating systems.
  • Keywords
    mobile computing; mobile handsets; operating systems (computers); security of data; source coding; telecommunication computing; MAFIA; OS retail phones models; analysis infrastructure; distributed multitarget software vulnerability discovery; fuzz testing; image-handling libraries; mobile devices; mobile platforms; multitarget automated fuzzing infrastructure and arsenal; operating systems; security bugs; smart phones; source code; system security; Computer crashes; Libraries; Mobile communication; Mobile handsets; Security; Servers; Software;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Global Telecommunications Conference (GLOBECOM 2010), 2010 IEEE
  • Conference_Location
    Miami, FL
  • ISSN
    1930-529X
  • Print_ISBN
    978-1-4244-5636-9
  • Electronic_ISBN
    1930-529X
  • Type

    conf

  • DOI
    10.1109/GLOCOM.2010.5684011
  • Filename
    5684011