Guiding Directed Fuzzing with Feasibility

Weiheng Bai; Kefu Wu; Qiushi Wu; Kangjie Lu

doi:10.1109/EuroSPW59978.2023.00010

Guiding Directed Fuzzing with Feasibility

Weiheng Bai, Kefu Wu, Qiushi Wu, Kangjie Lu

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Directed fuzzing is a useful technique that can confirm bugs found by static analysis, reproduce existing bugs, and efficiently test code changes. A general mechanism in directed fuzzing is to calculate the distance between the current progress and the target, and use that as a feedback to guide the directed fuzzing. A fundamental problem with existing distance calculation is that it is feasibility-unaware. For instance, it always assumes that the two branches of an if statement have equal feasibility, which is likely not true in real-world programs and would inevitablly incur significant biases in the directed fuzzing. In this work, we propose feasibility-aware directed fuzzing, AFLGopher. Our new feasibility-aware distance calculation provides precise feedback to guide directed fuzzing to reach targets efficiently. We propose new techniques to address challenges of the feasibility prediction. Our new classification method allows to predict the feasibility of all branches based on limited traces, and our runtime feasibility-updating mechanism gradually improves the prediction precision. We implement AFLGopher, and the evaluation results show that AFLGopher uses less time to reach the bugs, compared to the state of the art.

Original language	English (US)
Title of host publication	Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	42-49
Number of pages	8
ISBN (Electronic)	9798350327205
DOIs	https://doi.org/10.1109/EuroSPW59978.2023.00010
State	Published - 2023
Event	8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023 - Delft, Netherlands Duration: Jul 3 2023 → Jul 7 2023

Publication series

Name	Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023

Conference

Conference	8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023
Country/Territory	Netherlands
City	Delft
Period	7/3/23 → 7/7/23

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

Access

10.1109/EuroSPW59978.2023.00010

OpenUrl availability

Full text

Cite this

Bai, W., Wu, K., Wu, Q., & Lu, K. (2023). Guiding Directed Fuzzing with Feasibility. In Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023 (pp. 42-49). (Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/EuroSPW59978.2023.00010

Guiding Directed Fuzzing with Feasibility. / Bai, Weiheng; Wu, Kefu; Wu, Qiushi et al.
Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023. Institute of Electrical and Electronics Engineers Inc., 2023. p. 42-49 (Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Bai, W, Wu, K, Wu, Q & Lu, K 2023, Guiding Directed Fuzzing with Feasibility. in Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023. Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023, Institute of Electrical and Electronics Engineers Inc., pp. 42-49, 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023, Delft, Netherlands, 7/3/23. https://doi.org/10.1109/EuroSPW59978.2023.00010

Bai W, Wu K, Wu Q, Lu K. Guiding Directed Fuzzing with Feasibility. In Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023. Institute of Electrical and Electronics Engineers Inc. 2023. p. 42-49. (Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023). doi: 10.1109/EuroSPW59978.2023.00010

@inproceedings{a2ad5d5ddb254ae3b530d7a05dc38df0,

title = "Guiding Directed Fuzzing with Feasibility",

abstract = "Directed fuzzing is a useful technique that can confirm bugs found by static analysis, reproduce existing bugs, and efficiently test code changes. A general mechanism in directed fuzzing is to calculate the distance between the current progress and the target, and use that as a feedback to guide the directed fuzzing. A fundamental problem with existing distance calculation is that it is feasibility-unaware. For instance, it always assumes that the two branches of an if statement have equal feasibility, which is likely not true in real-world programs and would inevitablly incur significant biases in the directed fuzzing. In this work, we propose feasibility-aware directed fuzzing, AFLGopher. Our new feasibility-aware distance calculation provides precise feedback to guide directed fuzzing to reach targets efficiently. We propose new techniques to address challenges of the feasibility prediction. Our new classification method allows to predict the feasibility of all branches based on limited traces, and our runtime feasibility-updating mechanism gradually improves the prediction precision. We implement AFLGopher, and the evaluation results show that AFLGopher uses less time to reach the bugs, compared to the state of the art.",

author = "Weiheng Bai and Kefu Wu and Qiushi Wu and Kangjie Lu",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023 ; Conference date: 03-07-2023 Through 07-07-2023",

year = "2023",

doi = "10.1109/EuroSPW59978.2023.00010",

language = "English (US)",

series = "Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "42--49",

booktitle = "Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023",

}

TY - GEN

T1 - Guiding Directed Fuzzing with Feasibility

AU - Bai, Weiheng

AU - Wu, Kefu

AU - Wu, Qiushi

AU - Lu, Kangjie

PY - 2023

Y1 - 2023

N2 - Directed fuzzing is a useful technique that can confirm bugs found by static analysis, reproduce existing bugs, and efficiently test code changes. A general mechanism in directed fuzzing is to calculate the distance between the current progress and the target, and use that as a feedback to guide the directed fuzzing. A fundamental problem with existing distance calculation is that it is feasibility-unaware. For instance, it always assumes that the two branches of an if statement have equal feasibility, which is likely not true in real-world programs and would inevitablly incur significant biases in the directed fuzzing. In this work, we propose feasibility-aware directed fuzzing, AFLGopher. Our new feasibility-aware distance calculation provides precise feedback to guide directed fuzzing to reach targets efficiently. We propose new techniques to address challenges of the feasibility prediction. Our new classification method allows to predict the feasibility of all branches based on limited traces, and our runtime feasibility-updating mechanism gradually improves the prediction precision. We implement AFLGopher, and the evaluation results show that AFLGopher uses less time to reach the bugs, compared to the state of the art.

AB - Directed fuzzing is a useful technique that can confirm bugs found by static analysis, reproduce existing bugs, and efficiently test code changes. A general mechanism in directed fuzzing is to calculate the distance between the current progress and the target, and use that as a feedback to guide the directed fuzzing. A fundamental problem with existing distance calculation is that it is feasibility-unaware. For instance, it always assumes that the two branches of an if statement have equal feasibility, which is likely not true in real-world programs and would inevitablly incur significant biases in the directed fuzzing. In this work, we propose feasibility-aware directed fuzzing, AFLGopher. Our new feasibility-aware distance calculation provides precise feedback to guide directed fuzzing to reach targets efficiently. We propose new techniques to address challenges of the feasibility prediction. Our new classification method allows to predict the feasibility of all branches based on limited traces, and our runtime feasibility-updating mechanism gradually improves the prediction precision. We implement AFLGopher, and the evaluation results show that AFLGopher uses less time to reach the bugs, compared to the state of the art.

UR - http://www.scopus.com/inward/record.url?scp=85168255877&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85168255877&partnerID=8YFLogxK

U2 - 10.1109/EuroSPW59978.2023.00010

DO - 10.1109/EuroSPW59978.2023.00010

M3 - Conference contribution

AN - SCOPUS:85168255877

T3 - Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023

SP - 42

EP - 49

BT - Proceedings - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 8th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2023

Y2 - 3 July 2023 through 7 July 2023

ER -

Guiding Directed Fuzzing with Feasibility

Abstract

Publication series

Conference

Bibliographical note

Access

OpenUrl availability

Other files and links

Fingerprint

Cite this