Jump to: navigation, search

Difference between revisions of "GSoC2014/Student/Manishanker"

Line 13: Line 13:
  
 
Project Goals :
 
Project Goals :
  *    Design and Implement Fuzz testing framework that can fuzz OpenStack APIs by generating configurable combninarions (random or pattern based)
+
  *    Design and Implement Fuzz testing framework that can fuzz OpenStack APIs by generating configurable combinations (random or pattern based)
 
  *    Enable fuzz testing on at least one OpenStack project (OpenStack Nova for example)
 
  *    Enable fuzz testing on at least one OpenStack project (OpenStack Nova for example)
 
  *    Integrate above fuzz test framework with OpenStack Tempest test framework
 
  *    Integrate above fuzz test framework with OpenStack Tempest test framework
Line 19: Line 19:
 
'''Project Plan'''
 
'''Project Plan'''
  
* Task 1:
+
* Task 1: Identify the best open source Fuzzing framework to fuzz Openstack API's
    Identifying the best open source Fuzzing framework which can be used to fuzz Openstack API's.There are many open source fuzzing tools like BED, SFUZZ, SICKFUZZ, SPIKE. Following properties of the fuzzing tool will be checked 1. Whether it can perform API fuzzing , 2. Can it do HTTP fuzzing 3.Can it be invoked using Tempest .After finding the appropriate fuzzing tool, few fuzzing iterations can be run using different types of inputs using Tempest . Inputs for the fuzzing can be random by defining the mandatory input parameters and randomizing the other parameters or they can be pattern based by defining a protocol which serves as a black box which is used to create them. For example Backtrack 5 R3 can be used to run different types of the fuzzing programs like BED program to test Openstack Horizon's HTTP service. BED program can be used to send fuzz packets to HTTP HEAD,GET,POST etc. In the similar way sfuzz program can be used to fuzz the Openstack Horizon's HTTP service by providing configuration files.Depending on the results obtained by the different fuzzing programs, fuzzing tool will be used to test Openstack service.
+
    There are many open source fuzzing tools like BED, SFUZZ, SICKFUZZ, SPIKE. Frameworks will be evaluated based on the following criteria:
 +
1. Whether it can perform API fuzzing ?
 +
2. Can it do HTTP fuzzing?
 +
3. Can it be invoked using Tempest?
  
* Task 2:
+
After finding the appropriate fuzzing tool, few fuzzing iterations will be run using different types of inputs using Tempest as a POC.
    After selecting the best fuzzing tool,it can be used to fuzz Openstack API. Fuzzing tool can be then used to fuzz on one of the Openstack service.Based on the Openstack service ,fuzzing can be still broken down to several sub tasks i.e fuzzing the main components of that service which may lead to any security vulnerabilities.Fuzzing will be done mostly to identify security vulnerabilities in API's and HTTP.Other vulnerabilities like Memory leaks,Buffer overflow can also be checked.
 
  
* Task3 :  
+
Inputs for fuzzing can be random by defining the mandatory input parameters and randomizing the other parameters or they can be pattern based by defining a protocol which serves as a black box which is used to create them. For example Backtrack 5 R3 can be used to run different types of the fuzzing programs like BED program to test Openstack Horizon's HTTP service. BED program can be used to send fuzz packets to HTTP HEAD,GET,POST etc. In the similar way sfuzz program can be used to fuzz the Openstack Horizon's HTTP service by providing configuration files. Depending on the results obtained by the different fuzzing programs, fuzzing tool will be used to test OpenStack service.
 +
 
 +
* Task 2:  Implement Fuzzing for one OpenStack project, say OpenStack Nova
 +
    After selecting the best fuzzing tool, it will be used to fuzz Openstack APIs. Fuzzing tool can be then used to fuzz on one of the OpenStack service. Based on the OpenStack service, fuzzing can be still broken down to several sub tasks i.e fuzzing the main components of that service which may lead to any security vulnerabilities.Fuzzing will be done mostly to identify security vulnerabilities in API's and HTTP. Other vulnerabilities like Memory leaks,Buffer overflow can also be checked.
 +
 
 +
* Task3 : Integrate with OpenStack testing framework - Tempest
 
     Next task would be integrating with Tempest.Tempest should be able to run fuzzing iterations on Openstack service.Tempest currently supports API testing to some extent ,but by integrating fuzzing with Tempest ,fuzzing can be run directly from it.
 
     Next task would be integrating with Tempest.Tempest should be able to run fuzzing iterations on Openstack service.Tempest currently supports API testing to some extent ,but by integrating fuzzing with Tempest ,fuzzing can be run directly from it.
  

Revision as of 18:13, 20 March 2014

Personal Details

Name : Manishanker Talusani
Email : shanker.mani0@gmail.com
Name of the University: Birla Institute of Technology & Science Pilani - K.K.Birla Goa Campus,Goa,India
Education : Master Of Science (Technology)
IRC nickname[freenode] : Manishanker
Other contact methods (mobile no) : (+91) 9503395344

Project Description

Project Idea url : https://wiki.openstack.org/wiki/GSoC2014/Testing/Fuzz

Project Goals :

*    Design and Implement Fuzz testing framework that can fuzz OpenStack APIs by generating configurable combinations (random or pattern based)
*    Enable fuzz testing on at least one OpenStack project (OpenStack Nova for example)
*    Integrate above fuzz test framework with OpenStack Tempest test framework

Project Plan

  • Task 1: Identify the best open source Fuzzing framework to fuzz Openstack API's
    There are many open source fuzzing tools like BED, SFUZZ, SICKFUZZ, SPIKE. Frameworks will be evaluated based on the following criteria: 

1. Whether it can perform API fuzzing ? 2. Can it do HTTP fuzzing? 3. Can it be invoked using Tempest?

After finding the appropriate fuzzing tool, few fuzzing iterations will be run using different types of inputs using Tempest as a POC.

Inputs for fuzzing can be random by defining the mandatory input parameters and randomizing the other parameters or they can be pattern based by defining a protocol which serves as a black box which is used to create them. For example Backtrack 5 R3 can be used to run different types of the fuzzing programs like BED program to test Openstack Horizon's HTTP service. BED program can be used to send fuzz packets to HTTP HEAD,GET,POST etc. In the similar way sfuzz program can be used to fuzz the Openstack Horizon's HTTP service by providing configuration files. Depending on the results obtained by the different fuzzing programs, fuzzing tool will be used to test OpenStack service.

  • Task 2: Implement Fuzzing for one OpenStack project, say OpenStack Nova
    After selecting the best fuzzing tool, it will be used to fuzz Openstack APIs. Fuzzing tool can be then used to fuzz on one of the OpenStack service. Based on the OpenStack service, fuzzing can be still broken down to several sub tasks i.e fuzzing the main components of that service which may lead to any security vulnerabilities.Fuzzing will be done mostly to identify security vulnerabilities in API's and HTTP. Other vulnerabilities like Memory leaks,Buffer overflow can also be checked.
  • Task3 : Integrate with OpenStack testing framework - Tempest
    Next task would be integrating with Tempest.Tempest should be able to run fuzzing iterations on Openstack service.Tempest currently supports API testing to some extent ,but by integrating fuzzing with Tempest ,fuzzing can be run directly from it.

How will i achieve these goals:

Successful completion of the project involves thorough understanding of Fuzzing tools, Fuzzing techniques ,Penetration tools and also in depth knowledge of the Openstack service internals on which fuzzing is to be done.I am familiar and i have experience with architecture of the Openstack and its services. I also have experience in deploying Openstack using Devstack and in 3 node setup with different Hypervisors. I plan to learn and work with the different fuzzing tools and techniques before coding starts so that i could start using fuzzing techniques as the coding period starts. I have discussed with my mentor Sriram Subramanian, he has given me material which has all the information on how fuzzing and other penetration tests were done in Openstack Essex cloud software.In the meantime i will also work on a specific Openstack services,Tempest and gain in depth knowledge of it so that i can implement fuzzing on it.

What are my milestones

* My first milestone would be identifying the appropriate fuzzing tool which can be used to fuzz Openstack service based on the prerequisites mentioned in task 1 
* Second milestone would be, after the identification and implementation of the fuzzing tool and techniques ,using it to fuzz Openstack service
* Third milestone would be, integrating the fuzzing tool with the Tempest which could be used to run fuzzing tests directly and enabling automated reporting of security vulnerabilities   to the OpenStack Security Group.

Project Timeline

This is my tentative project timeline based on the discussion with my mentor.

  • Before April 20
 * Familiarize myself with different types of Fuzzing techniques and Fuzzing tools like BED,SPIKE,SFUZZ,SICKFUZZ.
 * Familiarize myself with Openstack services,Tempest and Openstack code base.
 * I will be in constant touch with my mentor to improve my knowledge and get better ,deeper understanding of Fuzzing and Openstack services.
  • April 21-May4(Before the actual coding time)
 * Identifying the best open source fuzzing tool which can be used for API ,HTTP fuzzing
 * Creating a working draft on which fuzzing tool can serve the purpose 
 * Discussing with mentor on using the fuzzing tool for the further project and changes to the tool(if required)
  • May5-May18
 * Implementing the fuzzing tool to fuzz on one of the Openstack service API
 * Creating exhaustive fuzzers and trying to automate the fuzzing tool to create inputs(random or pattern based) to the fuzzing tool
 * Based on the complexity of the openstack service ,fuzzing can be done on separate parts of the service
  • May19-June 1
 * Implementing other penetration tests which may lead to threats like Memory leaks and Buffer overflows
  • June 2-June 15
 * Improving the code functionality ,removing bugs and exception handling  

  • June 16-June 29 (Mid term Evaluation)
 * By the Mid-term, a fully functional fuzzing on one of the Openstack service

  • June30-July 13
 * Integrating fuzzing tool with the tempest so that tempest can directly be used to run fuzz test
  • July14-July27
 * Testing Tempest to see if it can run the fuzzing test on openstack service
  • July 28-Aug10
 * Making further changes in the code to improve functionality,bug removals,exception handling
  • Aug11-Aug24
 * Discussion about the documentation with mentor and wrapping up
 * Most of the time will be used for bug fixes and testing 
 * Final documentation which includes complete details about all the methods and their usage. 

Technical Background

  • Open Source contribution
   I haven't contributed to open source but i want to start my contribution to open source through Openstack.
  • Academic background
   I am an Undergraduate student pursuing MSC.(Tech.) Information Systems at BITS Pilani K K Birla Goa Campus.Currently i am working as an intern.I have been working on Openstack for couple of months and i am involved  in deployment of Openstack services in the Data center. I am responsible for deployment of multi-hypervisor cloud which is used to test different products of the company and fixing errors for the other teams who are using the Openstack services.I am also responsible for Baremetal and Ironic deployment which are currently in progress.Prior to this i have worked on different projects in Android ,Hadoop, Matlab
  • Programming language
   C,Java,Python