Title :
Enhancing fuzzing with a minimum set solver
Author :
Jinxin Ma ; Tao Zhang ; Puhan Zhang
Author_Institution :
China Inf. Technol. Security Evaluation Center, Beijing, China
Abstract :
Security corporations and researchers usually employ fuzzing techniques to find hiding bugs of programs. They collect millions of sample files to test target programs with mutating samples´ byte randomly. However, it wastes lots of time and computation resources because the programs mostly repeat same paths with these samples. In the paper, we design a flexible and efficient method to calculate the minimum set of sample files, refining the original samples but achieve same code coverage. In addition we also propose a method to monitoring target programs during fuzzing time, assuring fuzzing doesn´t work in vain. Our methods has two properties: 1) minimize the sample set for fast fuzzing and 2) monitoring fuzzing process to make proper adjusting. We have evaluated our methods with several real world programs and the results shows our fuzzing system is capable to detect vulnerabilities in shorter time.
Keywords :
fuzzy set theory; program testing; system monitoring; code coverage; fuzzing techniques; minimum set solver; mutating sample byte; program hiding bugs; sample files; security corporations; target program monitoring; target program testing; Automation; Monitoring; Security; Software; Testing;
Conference_Titel :
Advanced Computational Intelligence (ICACI), 2015 Seventh International Conference on
Conference_Location :
Wuyi
Print_ISBN :
978-1-4799-7257-9
DOI :
10.1109/ICACI.2015.7184730
