Improvement of Seed Selection Strategy for Graybox Fuzzing

DOI

10.2991/emim-17.2017.113How to use a DOI?

Keywords

Software security; Fuzzing; American fuzzy loop; Operation system; Performance

Abstract

According to AFL(American fuzzy lop) author, the famous hacker Michal Zalewski (lcamtuf)said that most of the current bugs were found by the fuzzing, rather than symbolic execution and other technical analysis based on the discovery of the program. The reason is that fuzzing is faster (no analysis program is needed, no need to constrain), and more extensible (the effect of path explosion is smaller). At present, the commonly used fuzzing tool AFL is a security-oriented fuzzing device, which uses a new compile-time instruments and genetic algorithms to automatically find clear and interesting test cases, triggering the target binary file in the new internal state. In the process of using AFL, we found that its genetic algorithm can not guide the direction of fuzzing. Through the design to control the number of variation of each fuzzing seed, to guide it to the low frequency path direction variation, could get a better fuzzing effect. In the same time, the improved AFL was 3 times faster than the old AFL.

Copyright

© 2017, the Authors. Published by Atlantis Press.

Open Access

This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).

Download article (PDF)

TY  - CONF
AU  - Huabin Tang
AU  - Wei Wang
PY  - 2017/04
DA  - 2017/04
TI  - Improvement of Seed Selection Strategy for Graybox Fuzzing
BT  - Proceedings of the 7th International Conference on Education, Management, Information and Mechanical Engineering (EMIM 2017)
PB  - Atlantis Press
SP  - 557
EP  - 560
SN  - 2352-538X
UR  - https://doi.org/10.2991/emim-17.2017.113
DO  - 10.2991/emim-17.2017.113
ID  - Tang2017/04
ER  -