A Fuzzer Based on a Fine-Grained Deeper Strategy

Software today is exposed to considerable danger from vulnerabilities, which threaten valuable assets such as the confidentiality of private information. Fuzzing is an effective bug-finding technique that requires little prior knowledge of the target, and it has discovered many real bugs. However, traditional fuzzing has a common drawback: it tends to exercise only shallow program paths and can rarely drill deep into the program. This paper proposes DO-Fuzzer (Depth-Oriented Fuzzer), built on an evolutionary fuzzing skeleton and employing a fine-grained depth strategy to guide the fuzzer deep into the program. Experiments show that the depth strategy helps the fuzzer discover more program paths and, consequently, more program bugs.
