
Prashast Srivastava

Postdoctoral Research Scientist

Columbia University

Biography

I am working as a postdoc with Prof. Suman Jana at Columbia University exploring some fun research questions pertaining to software testing. Previously, I obtained my PhD from Purdue University where I was fortunate to be advised by Prof. Mathias Payer at EPFL and Prof. Antonio Bianchi at Purdue. In summer 2018, I also had the pleasure to intern with Dr. Vineeth Kashyap at GrammaTech and explore some program analysis questions.

My primary research area of interest is software testing and my PhD thesis centered around enhancing bug discovery capabilities of fuzzers. I explored meaningfully reducing the input space that fuzzers have to explore by sampling inputs from a distribution that incorporates domain knowledge about the software under test. More simply put, I explored incorporating insights from answers to fundamental questions like “What kind of software are we testing?” and “What kind of bugs are we looking for?” into the input generation methodology of fuzzers to make their bug discovery more effective.

Projects

Crystallizer

A Hybrid Path Analysis Framework to Aid in Uncovering Deserialization Vulnerabilities

Gramatron

Effective Grammar-aware Fuzzing Using Grammar Automatons

SieveFuzz

Optimizing Directed Fuzzing via Target-tailored Program State Restriction

FirmFuzz

Automated IoT Firmware Introspection and Analysis Framework

Publications

(2023). Practical Methods for Fuzzing Real-World Systems. PhD Thesis, Purdue University.


(2023). Crystallizer: A Hybrid Path Analysis Framework to Aid in Uncovering Deserialization Vulnerabilities. In FSE ’23.


(2022). One Fuzz Doesn't Fit All: Optimizing Directed Fuzzing via Target-tailored Program State Restriction. In ACSAC ’22.


(2021). Gramatron: Effective Grammar-Aware Fuzzing. In ISSTA ’21.


(2019). FirmFuzz: Automated IoT Firmware Introspection and Analysis. In IoTS&P ’19.

