VUzzer: Application-aware Evolutionary Fuzzing.

Sanjay Rawat, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, Herbert Bos

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

568 Citations (Scopus)

Abstract

Fuzzing is an effective software testing technique to find bugs. Given the size and complexity of real-world applications, modern fuzzers tend to be either scalable, but not effective in exploring bugs that lie deeper in the execution, or capable of penetrating deeper in the application, but not scalable.

In this paper, we present an application-aware evolutionary fuzzing strategy that does not require any prior knowledge of the application or input format. In order to maximize coverage and explore deeper paths, we leverage control- and data-flow features based on static and dynamic analysis to infer fundamental properties of the application. This enables much faster generation of interesting inputs compared to an application-agnostic approach. We implement our fuzzing strategy in VUzzer and evaluate it on three different datasets: DARPA Grand Challenge binaries (CGC), a set of real-world applications (binary input parsers), and the recently released LAVA dataset. On all of these datasets, VUzzer yields significantly better results than state-of-the-art fuzzers, by quickly finding several existing and new bugs.
Original languageEnglish
Title of host publicationNetwork and Distributed System Security Symposium (NDSS), 2017
PublisherInternet Society
Pages1-14
Number of pages14
Volume17
ISBN (Electronic)1891562460
DOIs
Publication statusPublished - 27 Feb 2017

Fingerprint

Dive into the research topics of 'VUzzer: Application-aware Evolutionary Fuzzing.'. Together they form a unique fingerprint.

Cite this