DocumentCode :
683681
Title :
Effective Fuzzing Based on Dynamic Taint Analysis
Author :
Guangcheng Liang ; Lejian Liao ; Xin Xu ; Jianguang Du ; Guoqiang Li ; Henglong Zhao
Author_Institution :
Beijing Key Lab. of Intell. Inf. Technol., Beijing Inst. of Technol., Beijing, China
fYear :
2013
fDate :
14-15 Dec. 2013
Firstpage :
615
Lastpage :
619
Abstract :
In this paper we present a new vulnerability-targeted black-box fuzzing approach to effectively detect errors in a program. Unlike standard fuzzing techniques, which randomly change bytes of the input file, our approach remarkably reduces the fuzzing range by utilizing an efficient dynamic taint analysis technique. It locates the regions of seed files that affect the values used at the hazardous points. This makes it possible to pay more attention to deep errors in the core of the program. Because our approach is directly targeted at specific potential vulnerabilities, most of the detected errors carry vulnerability signatures. In addition, this approach does not need information about the input file format in advance, so it is especially appropriate for testing applications with complex and highly structured input file formats. We design and implement a prototype, Taint Fuzz, to realize this approach. The experiments demonstrate that Taint Fuzz can effectively expose more errors with much lower time cost and a much smaller number of input samples compared with the standard fuzzer.
Keywords :
security of data; Taint Fuzz; dynamic taint analysis; hazardous points; seed files; standard fuzzer; standard fuzzing; structured input file formats; vulnerability signatures; vulnerability-targeted black box fuzzing; Instruments; Memory management; Performance analysis; Security; Software; Standards; Testing; dynamic taint analysis; hazardous points; lightweight analysis; vulnerability-targeted fuzzing;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Computational Intelligence and Security (CIS), 2013 9th International Conference on
Conference_Location :
Leshan
Print_ISBN :
978-1-4799-2548-3
Type :
conf
DOI :
10.1109/CIS.2013.135
Filename :
6746503