MemFuzz:Using memory accesses to guide fuzzing

Coppik, N. and Schwahn, O. and Suri, Neeraj (2019) MemFuzz:Using memory accesses to guide fuzzing. In: 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST). IEEE, pp. 48-58. ISBN 9781728117362

Full text not available from this repository.

Abstract

Fuzzing is a form of random testing that is widely used for finding bugs and vulnerabilities. State of the art approaches commonly leverage information about the control flow of prior executions of the program under test to decide which inputs to mutate further. By relying solely on control flow information to characterize executions, such approaches may miss relevant differences. We propose augmenting evolutionary fuzzing by additionally leveraging information about memory accesses performed by the target program. The resulting approach can leverage more sophisticated information about the execution of the target program, enhancing the effectiveness of the evolutionary fuzzing. We implement our approach as a modification of the widely used AFL fuzzer and evaluate our implementation on three widely used target applications. We find distinct crashes from those detected by AFL for all three targets in our evaluation.

Item Type:
Contribution in Book/Report/Proceedings
Subjects:
ID Code:
137428
Deposited By:
Deposited On:
15 Oct 2019 10:20
Refereed?:
Yes
Published?:
Published
Last Modified:
31 Jul 2020 04:11