2015 IEEE Symposium on Security and Privacy (SP) (2015)

San Jose, CA, USA

May 17, 2015 to May 21, 2015

ISSN: 1081-6011

ISBN: 978-1-4673-6949-7

pp: 725-741

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2015.50

ABSTRACT

We present the design of an algorithm to maximize the number of bugs found for black-box mutational fuzzing given a program and a seed input. The major intuition is to leverage white-box symbolic analysis on an execution trace for a given program-seed pair to detect dependencies among the bit positions of an input, and then use this dependency relation to compute a probabilistically optimal mutation ratio for this program-seed pair. Our result is promising: we found an average of 38.6% more bugs than three previous fuzzers over 8 applications using the same amount of fuzzing time.

INDEX TERMS

fuzzy set theory, probability, program debugging

CITATION

S. K. Cha, M. Woo and D. Brumley, "Program-Adaptive Mutational Fuzzing," *2015 IEEE Symposium on Security and Privacy (SP)*, San Jose, CA, USA, 2015, pp. 725-741.

doi:10.1109/SP.2015.50
