Ifuzzer: An evolutionary interpreter fuzzer using genetic programming

Spandan Veggalam, Sanjay Rawat, Istvan Haller, Herbert Bos

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

46 Citations (Scopus)

Abstract

We present an automated evolutionary fuzzing technique to find bugs in JavaScript interpreters. Fuzzing is an automated black box testing technique used for finding security vulnerabilities in the software by providing random data as input. However, in the case of an interpreter, fuzzing is challenging because the inputs are piece of codes that should be syntactically/semantically valid to pass the interpreter’s elementary checks. On the other hand, the fuzzed input should also be uncommon enough to trigger exceptional behavior in the interpreter, such as crashes, memory leaks and failing assertions. In our approach, we use evolutionary computing techniques, specifically genetic programming, to guide the fuzzer in generating uncommon input code fragments that may trigger exceptional behavior in the interpreter. We implement a prototype named IFuzzer to evaluate our technique on real-world examples. IFuzzer uses the language grammar to generate valid inputs. We applied IFuzzer first on an older version of the JavaScript interpreter of Mozilla (to allow for a fair comparison to existing work) and found 40 bugs, of which 12 were exploitable. On subsequently targeting the latest builds of the interpreter, IFuzzer found 17 bugs, of which four were security bugs.
Original languageEnglish
Title of host publicationEuropean Symposium on Research in Computer Security
Subtitle of host publicationESORICS 2016. Lecture Notes in Computer Science
Pages581-601
Number of pages21
Volume9878
ISBN (Electronic)9783319457444
DOIs
Publication statusPublished - 15 Sep 2016

Publication series

Name
ISSN (Print)0302-9743

Fingerprint

Dive into the research topics of 'Ifuzzer: An evolutionary interpreter fuzzer using genetic programming'. Together they form a unique fingerprint.

Cite this