
Optimizing Seed Selection for Fuzzing

Alexandre Rebert, Jonathan Foote, David Warren, Gustavo Grieco, David Brumley
unpublished
We also show that current seed selection strategies as found in Peach may fare no better than picking seeds at random. We make our data set and code publicly available.  ...  In this paper, we focus on how to mathematically formulate and reason about one critical aspect in fuzzing: how best to pick seed files to maximize the total number of bugs found during a fuzz campaign  ...  Acknowledgments We would like to thank Alan Hall, and our anonymous reviewers for their comments and suggestions.  ... 
fatcat:wvh2jsjcwjcp7lajwvxtuffqii

Optimizing Seed Selection for Fuzzing

Alexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan M Foote, David Warren, Gustavo Grieco, David Brumley
2018
We also show that current seed selection strategies as found in Peach may fare no better than picking seeds at random. We make our data set and code publicly available.  ...  In this paper, we focus on how to mathematically formulate and reason about one critical aspect in fuzzing: how best to pick seed files to maximize the total number of bugs found during a fuzz campaign  ...  Acknowledgments We would like to thank Alan Hall, and our anonymous reviewers for their comments and suggestions.  ... 
doi:10.1184/r1/6469118 fatcat:5ufe3mk4wfbhtal4qlczerqcti

MooFuzz: Many-Objective Optimization Seed Schedule for Fuzzer

Xiaoqi Zhao, Haipeng Qu, Wenjie Lv, Shuo Li, Jianliang Xu
2021 Mathematics  
Coverage-based Greybox Fuzzing (CGF) is a practical and effective solution for finding bugs and vulnerabilities in software.  ...  Next, MooFuzz classifies seed pool into three states and adopts different objectives to select seeds.  ...  refers to select seeds from the seed pool for future mutation.  ... 
doi:10.3390/math9030205 fatcat:dqs6zaz54rdmthyrhr3gzdnyuu

StFuzzer: Contribution-Aware Coverage-Guided Fuzzing for Smart Devices

Jiageng Yang, Xinguo Zhang, Hui Lu, Muhammad Shafiq, Zhihong Tian, Muhammad Ahmad
2021 Security and Communication Networks  
This observation is ignored by existing seed selection strategies, which reduces the efficiency of bug discovery on smart devices.  ...  The contribution-aware optimization approach does not require any prior knowledge of the target device, which ensures our optimization adapting gray-box fuzzing and white-box fuzzing.  ...  In order to optimize seed selection strategy of coverage-guided fuzzing, there are two problems should be solved.  ... 
doi:10.1155/2021/1987844 fatcat:yka6y46okvflvapcayitvber5a

UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling [article]

Xu Zhou, Pengfei Wang, Chenyifan Liu, Tai Yue, Yingying Liu, Congxi Song, Kai Lu, Qidi Yin
2020 arXiv   pre-print
Fuzzing is one of the most efficient technology for vulnerability detection.  ...  In this paper, we design and implement UniFuzz, a distributed fuzzing optimization based on a dynamic centralized task scheduling.  ...  ACKNOWLEDGEMENT We would like to thank the anonymous reviewers for their valuable comments and helpful suggestions.  ... 
arXiv:2009.06124v1 fatcat:ektilqy6ijctfnv26bftylqdma

Refined Grey-Box Fuzzing with SIVO [article]

Ivica Nikolic and Radu Mantu and Shiqi Shen and Prateek Saxena
2021 arXiv   pre-print
Finally, SIVO refines selection of parameters and strategies by parameterizing all stages of fuzzing and then dynamically selecting optimal values during fuzzing.  ...  on the input bytes, and (b) it deploys a novel method for inverting branches by solving directly and efficiently systems of inequalities.  ...  ACKNOWLEDGMENTS We thank our shepherd Erik van der Kouwe for his helpful feedback.  ... 
arXiv:2102.02394v2 fatcat:3zwqfzx53jhmjmhyakl3sjqtce

EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers [article]

Yuanliang Chen, Yu Jiang, Fuchen Ma, Jie Liang, Mingzhe Wang, Chijin Zhou, Zhuo Su, Xun Jiao
2019 arXiv   pre-print
Fuzzing is widely used for software vulnerability detection. There are various kinds of fuzzers with different fuzzing strategies, and most of them perform well on their targets.  ...  Then, EnFuzz ensembles those base fuzzers with seed synchronization and result integration mechanisms.  ...  For example, AFLFast [16] improves the fuzzing strategy of AFL by selecting seeds that exercise low-frequency paths for additional mutations, and FairFuzz [26] optimizes AFL's mutation algorithm to  ... 
arXiv:1807.00182v2 fatcat:x4n7rebelralrgtbkk7i6yrzbu

Path Transitions Tell More: Optimizing Fuzzing Schedules via Runtime Program States [article]

Kunpeng Zhang, Xi Xiao, Xiaogang Zhu, Ruoxi Sun, Minhui Xue, Sheng Wen
2022 arXiv   pre-print
and bugs exposure; the latter formalization, concentrating on power schedules for seeds alone, is inattentive to the schedule for bytes in a seed.  ...  Coverage-guided Greybox Fuzzing (CGF) is one of the most successful and widely-used techniques for bug hunting.  ...  The improvement is added to the stages when fuzzing selects a seed and when fuzzing selects a byte.  ... 
arXiv:2201.04441v1 fatcat:bp7ylx5hhrasnba4uoaz6xt3qe

CSEFuzz: Fuzz Testing based on Symbolic Execution

Zhangwei Xie, Zhanqi Cui, Jiaming Zhang, Xiulei Liu, Liwei Zheng
2020 IEEE Access  
Thus the efficiency of fuzz testing is improved by CSEFuzz. Next, we use different coverage criteria to select initial seed test cases for conducting fuzz testing.  ...  One test case can be randomly selected for each selected test case template to form a set of initial seed test cases. The fuzz tester will validate the initial test cases after they are selected.  ... 
doi:10.1109/access.2020.3030798 fatcat:pjpezjna65butk7e75csfsiekq

Fuzzing Based on Function Importance by Interprocedural Control Flow Graph [article]

Wenshuo Wang, Liang Cheng, Yang Zhang
2021 arXiv   pre-print
Then the seed selection and energy scheduling of a seed input are determined by the importance of its execution trace.  ...  However, these improvements only consider limited types of information sources and ignore the fact that the priority a seed input to be fuzzed may be influenced by all the code it covers.  ...  Existing research can divide the optimization of fuzzing into the following categories according to the fuzzing process of classic fuzzers represented by AFL: optimization of seed selection strategy [  ... 
arXiv:2010.03482v4 fatcat:xwrq4iade5aftf67miczlje5vu

Program-Adaptive Mutational Fuzzing

Sang Kil Cha, Maverick Woo, David Brumley
2015 2015 IEEE Symposium on Security and Privacy  
relation to compute a probabilistically optimal mutation ratio for this program-seed pair.  ...  We present the design of an algorithm to maximize the number of bugs found for black-box mutational fuzzing given a program and a seed input.  ...  Particularly, we need an ability to selecting test cases that have the exact Hamming distance K from the seed s, for any given K.  ... 
doi:10.1109/sp.2015.50 dblp:conf/sp/ChaWB15 fatcat:nywgwkt2sfbyrkumqctopw2ru4

DLFuzz: Differential Fuzzing Testing of Deep Learning Systems [article]

Jianmin Guo, Yu Jiang, Yue Zhao, Quan Chen, Jiaguang Sun
2018 arXiv   pre-print
In this paper, we propose DLFuzz, the first differential fuzzing testing framework to guide DL systems exposing incorrect behaviors.  ...  Compared with DeepXplore, the state-of-the-art DL whitebox testing framework, DLFuzz does not require extra efforts to find similar functional DL systems for cross-referencing check, but could generate  ...  For each seed x_s, m neurons will be selected utilizing one or multiple strategies, which can be customized in strategies of the algorithm inputs. ( We selected two datasets (MNIST and ImageNet) and the  ... 
arXiv:1808.09413v1 fatcat:n76kzevqnvgsrf3eqbzjzsibuq

Corpus Distillation for Effective Fuzzing: A Comparative Evaluation [article]

Adrian Herrera, Hendra Gunadi, Liam Hayes, Shane Magrath, Felix Friedlander, Maggi Sebastian, Michael Norrish, Antony L. Hosking
2020 arXiv   pre-print
., afl-cmin) that select the smallest subset of seeds that triggers the same range of instrumentation data points as the full corpus.  ...  A corpus of potential seeds will often contain thousands of similar inputs. This lack of diversity can lead to wasted fuzzing effort by exhaustive mutation from all available seeds.  ...  The following natural questions arise: (i) How do we best select seeds for a fuzzing corpus? (ii) If we assume Properties 1 to 4 above, how should they be weighted with respect to each other?  ... 
arXiv:1905.13055v2 fatcat:rgzkznvip5fdlfndwsxuennjta

MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing [article]

Yaohui Chen, Mansour Ahmadi, Reza Mirzazade farkhani, Boyu Wang, Long Lu
2020 arXiv   pre-print
Moreover, MEUZZ automatically infers the data labels by evaluating the fuzzing performance of each selected seed.  ...  To overcome this problem, we design a Machine learning-Enhanced hybrid fUZZing system (MEUZZ), which employs supervised machine learning for adaptive and generalizable seed scheduling.  ...  Acknowledgment The authors would like to thank the anonymous reviewers for their insightful comments.  ... 
arXiv:2002.08568v2 fatcat:as2xekj7rnfltbm4ok25aculhe

Deep Reinforcement Fuzzing [article]

Konstantin Böttinger, Patrice Godefroid, Rishabh Singh
2018 arXiv   pre-print
This in turn allows us to apply state-of-the-art deep Q-learning algorithms that optimize rewards, which we define from runtime properties of the program under test.  ...  We have implemented this new approach, and preliminary empirical evidence shows that reinforcement fuzzing can outperform baseline random fuzzing.  ...  Actions are selected according to the policy π following an -greedy behavior: With probability 1 − (for a small > 0) the agent selects an action a = arg max a Q(x , a ) that is currently estimated optimal  ... 
arXiv:1801.04589v1 fatcat:ljuwtobxznb2bfbacr6uupthme