Casr-Cluster: Crash Clustering for Linux Applications
Abstract
Crash report analysis is a necessary step before developers begin fixing errors. Fuzzing or hybrid (with dynamic symbolic execution) fuzzing is often used in the secure development lifecycle. Modern fuzzers could produce many crashes and developers do not have enough time to fix them till release date. There are two approaches that could reduce developers' effort on crash analysis: crash clustering and crash severity estimation. Crash severity estimation could help developers to prioritize crashes and close security issues first. Crash clustering puts similar crash reports in one cluster what could speed up the analyzing time for all crash reports. In this paper, we focus on crash clustering. We propose an approach for clustering and deduplicating of crashes that occurred in Linux applications. We implement this approach as a tool that could cluster Casr~fedotov2020casr crash reports. We evaluated our tool on a set of crash reports that was collected from fuzzing results.
Turn this paper into a full lesson
ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.