Abstract | ||
---|---|---|
We present the design of an algorithm to maximize the number of bugs found for black-box mutational fuzzing given a program and a seed input. The major intuition is to leverage white-box symbolic analysis on an execution trace for a given program-seed pair to detect dependencies among the bit positions of an input, and then use this dependency relation to compute a probabilistically optimal mutation ratio for this program-seed pair. Our result is promising: we found an average of 38.6% more bugs than three previous fuzzers over 8 applications using the same amount of fuzzing time. |
Year | DOI | Venue |
---|---|---|
2015 | 10.1109/SP.2015.50 | 2015 IEEE Symposium on Security and Privacy |
Keywords | Field | DocType |
fuzzing,mutation ratio optimization,mutational fuzzing,software testing | Dependency relation,Fuzz testing,Mutation testing,Computer science,Computer security,Intuition,Theoretical computer science,Symbolic data analysis,Software testing | Conference |
ISSN | Citations | PageRank |
1081-6011 | 53 | 2.31 |
References | Authors | |
32 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Sang Kil Cha | 1 | 542 | 27.02 |
Maverick Woo | 2 | 88 | 3.79 |
David Brumley | 3 | 2940 | 142.75 |