Mutation Optimization of Directional Fuzzing for Cumulative Defects

Cited by: 0
Authors
Yang K. [1 ,2 ]
He Y.-P. [1 ,2 ,3 ]
Ma H.-T. [1 ,2 ]
Dong K. [1 ,2 ]
Xie Y. [1 ,2 ]
Cai C.-F. [1 ,2 ]
Affiliations
[1] National Engineering Research Center of Fundamental Software, Institute of Software, Chinese Academy of Sciences, Beijing
[2] University of Chinese Academy of Sciences, Beijing
[3] State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, Beijing
Source
Ruan Jian Xue Bao/Journal of Software | 2023 / Vol. 34 / No. 05
Keywords
cumulative defects; cumulative input; differential mutation; directed fuzzing; format discrimination; optimization;
DOI
10.13328/j.cnki.jos.006491
Abstract
Many quantifiable state-out-of-bound software defects, such as access violations, memory exhaustion, and performance failures, are triggered by a large quantity of input data. However, existing dependent-data identification and mutation optimization techniques for grey-box fuzzing mainly target fixed-length data formats; they are inefficient at increasing the amount of accumulated data that the buggy state requires. This study proposes a differential mutation method to accelerate the optimization of the feature state during directed fuzzing. By monitoring each seed that updates the maximum or minimum state value of the cumulative defect, the offset and content of the effective mutation are determined. The frequency and distribution of the effective mutation offsets are then used to distinguish whether the defect's feature value depends on a fixed field or on cumulative data in the input, and the effective mutation content is reused as material for cumulative input mutation to accelerate bug reproduction or directed testing. Based on this idea, the study implements the fuzzing tool Jigsaw. Evaluation results on the experimental data set show that the proposed dependency detection method can efficiently identify the type of input data that drives the feature value of cumulative defects, and that the mutation method significantly shortens the time to reproduce cumulative defects that require a large amount of specific input data. © 2023 Chinese Academy of Sciences. All rights reserved.
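The following is an added illustration of the workflow the abstract describes, written for this page; it is not Jigsaw's code and not the paper's benchmark. Everything in it is assumed: two constructed toy targets whose "feature value" is the number of bytes a parser would allocate (one driven by a fixed header field, one by the count of 'A' records), single-byte substitution as the base mutator, tracking of the maximum state value only, a 0.5 share of effective offsets on one position as the fixed-field cut-off, and doubling the input with the most frequent effective byte as the cumulative mutation strategy.

```python
import random
from collections import Counter

# Constructed toy targets, not the paper's benchmarks. Each returns the
# "feature value" of a cumulative defect: the number of bytes the parser
# would allocate for the input. The defect counts as reproduced once that
# value crosses MEMORY_LIMIT (an assumed budget).
MEMORY_LIMIT = 200_000


def target_fixed_field(data: bytes) -> int:
    """Feature value driven by one fixed header field: offset 0 is a size multiplier."""
    return data[0] * 16 if data else 0


def target_cumulative(data: bytes) -> int:
    """Feature value driven by cumulative data: every 'A' record allocates 64 bytes."""
    return 64 * data.count(0x41)


def differential_fuzz(target, seed: bytes, rounds: int, rng: random.Random):
    """Single-byte substitution fuzzing that keeps the best seed and records,
    for every mutation that raised the maximum state value, the offset that
    was mutated and the byte written there (the 'effective' mutation)."""
    best, best_val = bytearray(seed), target(seed)
    effective = []  # (offset, new byte) of each effective mutation
    for _ in range(rounds):
        cand = bytearray(best)
        off = rng.randrange(len(cand))
        cand[off] = rng.randrange(256)
        val = target(bytes(cand))
        if val > best_val:  # this seed updates the maximum state value
            effective.append((off, cand[off]))
            best, best_val = cand, val
    return bytes(best), best_val, effective


def classify_dependency(effective, threshold: float = 0.5) -> str:
    """Frequency distribution of effective offsets: if they pile up on one
    position the feature value depends on a fixed field; if they spread over
    the input it depends on cumulative data. The 0.5 cut-off is assumed."""
    if not effective:
        return "unknown"
    offsets = Counter(off for off, _ in effective)
    top_share = offsets.most_common(1)[0][1] / len(effective)
    return "fixed field" if top_share >= threshold else "cumulative"


def amplify(material: bytes, copies: int) -> bytes:
    """Cumulative input mutation: repeat the effective content instead of
    rewriting bytes inside a fixed-length frame."""
    return material * copies


def reproduce(target, seed: bytes, rounds: int = 30_000, rng_seed: int = 1,
              max_len: int = 1 << 20):
    """Phase 1: differential fuzzing plus dependency classification.
    Phase 2 (cumulative only): grow the input with the effective content,
    doubling it until the feature value reaches MEMORY_LIMIT."""
    rng = random.Random(rng_seed)
    best, best_val, effective = differential_fuzz(target, seed, rounds, rng)
    kind = classify_dependency(effective)
    if kind != "cumulative":
        # Growing the input cannot move a fixed-field value; report where
        # substitution fuzzing saturated instead.
        return kind, best, best_val
    # The most frequent effective content becomes the mutation material.
    material = bytes([Counter(b for _, b in effective).most_common(1)[0][0]])
    cand = best
    while target(cand) < MEMORY_LIMIT and len(cand) < max_len:
        cand += amplify(material, len(cand))
    return kind, cand, target(cand)


if __name__ == "__main__":
    for name, target in (("fixed-field target", target_fixed_field),
                         ("cumulative target", target_cumulative)):
        kind, data, val = reproduce(target, b"\x00" * 8)
        print(f"{name}: dependency={kind}, input length={len(data)}, "
              f"feature value={val}, defect reproduced={val >= MEMORY_LIMIT}")
```

On the cumulative target, substitution alone can never exceed 64 bytes per input position (512 for an 8-byte seed), so the budget is only reached once the effective content is reused as material and the input is allowed to grow; on the fixed-field target the same growth step is skipped because the offset distribution shows that extra data cannot move the value.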
Pages: 2286-2299
Page count: 13
References (28 in total; the first 10 are listed)
[1] Serebryany K., Continuous fuzzing with LibFuzzer and AddressSanitizer, Proc. of the 2016 IEEE Cybersecurity Development (SecDev), (2016)
[2] Böhme M, Pham VT, Nguyen MD, Roychoudhury A., Directed greybox fuzzing, Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security, pp. 2329-2344, (2017)
[3] Chen HX, Xue YX, Li YK, Chen BH, Xie XF, Wu XH, Liu Y., Hawkeye: Towards a desired directed grey-box fuzzer, Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security, pp. 2095-2108, (2018)
[4] Wen C, Wang HJ, Li YK, Qin SC, Liu Y, Xu ZW, Chen HX, Xie XF, Pu GG, Liu T., MemLock: Memory usage guided fuzzing, Proc. of the 42nd Int'l Conf. on Software Engineering, pp. 765-777, (2020)
[5] Petsios T, Zhao J, Keromytis AD, Jana S., SlowFuzz: Automated domain-independent detection of algorithmic complexity vulnerabilities, Proc. of the 2017 ACM SIGSAC Conf. on Computer and Communications Security, pp. 2155-2168, (2017)
[6] Jeong DR, Kim K, Shivakumar B, Lee B, Shin I., Razzer: Finding kernel race bugs through fuzzing, Proc. of the 2019 IEEE Symp. on Security and Privacy (SP), pp. 754-768, (2019)
[7] Xu M, Kashyap S, Zhao HQ, Kim T., Krace: Data race fuzzing for kernel file systems, Proc. of the 2020 IEEE Symp. on Security and Privacy (SP), pp. 1643-1660, (2020)
[8] Rawat S, Jain V, Kumar A, Cojocar L, Giuffrida C, Bos H., VUzzer: Application-aware evolutionary fuzzing, Proc. of the 24th Annual Network and Distributed System Security Symp., pp. 1-14, (2017)
[9] Li YK, Chen BH, Chandramohan M, Lin SW, Liu Y, Tiu A., Steelix: Program-state based binary fuzzing, Proc. of the 11th Joint Meeting on Foundations of Software Engineering, pp. 627-637, (2017)
[10] Aschermann C, Schumilo S, Blazytko T, Gawlik R, Holz T., REDQUEEN: Fuzzing with input-to-state correspondence, Proc. of the 26th Annual Network and Distributed System Security Symp., pp. 1-15, (2019)