Title :
Program-Adaptive Mutational Fuzzing
Author :
Sang Kil Cha ; Woo, Maverick ; Brumley, David
Author_Institution :
Carnegie Mellon Univ., Pittsburgh, PA, USA
Abstract :
We present the design of an algorithm to maximize the number of bugs found for black-box mutational fuzzing given a program and a seed input. The major intuition is to leverage white-box symbolic analysis on an execution trace for a given program-seed pair to detect dependencies among the bit positions of an input, and then use this dependency relation to compute a probabilistically optimal mutation ratio for this program-seed pair. Our result is promising: we found an average of 38.6% more bugs than three previous fuzzers over 8 applications using the same amount of fuzzing time.
Keywords :
fuzzy set theory; probability; program debugging; bit positions; black-box mutational fuzzing; bugs; dependency relation; execution trace; fuzzing time; probabilistically optimal mutation ratio; program-adaptive mutational fuzzing; program-seed pair; white-box symbolic analysis; Computer bugs; Hamming distance; Optimization; Security; Software; Testing; fuzzing; mutation ratio optimization; mutational fuzzing; software testing;
Conference_Titel :
Security and Privacy (SP), 2015 IEEE Symposium on
Conference_Location :
San Jose, CA
