论文信息 - LLVM-based Hybrid Fuzzing with LibKluzzer (Competition Contribution)

LLVM-based Hybrid Fuzzing with LibKluzzer (Competition Contribution)

LibKluzzer is a novel implementation of hybrid fuzzing, which combines the strengths of coverage-guided fuzzing and dynamic symbolic execution (a.k.a. whitebox fuzzing). While coverage-guided fuzzing can discover new execution paths at nearly native speed, whitebox fuzzing is capable of getting through complex branch conditions. In contrast to existing hybrid fuzzers, that operate directly on binaries, LibKluzzer leverages the LLVM compiler framework to work at the source code level. It employs LibFuzzer as the coverage-guided fuzzing component and KLUZZER, an extension of KLEE, as the whitebox fuzzing component.

Hoang M. Le | H. M. Le

[1] Heng Yin,et al. Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing , 2019, NDSS.

[2] Dawson R. Engler,et al. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs , 2008, OSDI.

[3] Christopher Krügel,et al. Driller: Augmenting Fuzzing Through Selective Symbolic Execution , 2016, NDSS.

[4] David L. Dill,et al. A Decision Procedure for Bit-Vectors and Arrays , 2007, CAV.

[5] Meng Xu,et al. QSYM : A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing , 2018, USENIX Security Symposium.

[6] Hoang M. Le,et al. KLUZZER: Whitebox Fuzzing on Top of LLVM , 2019, ATVA.

[7] Patrice Godefroid,et al. Automated Whitebox Fuzz Testing , 2008, NDSS.