Program-Adaptive Mutational Fuzzing
Sang Kil Cha
Presented at the
2015 IEEE Symposium on Security & Privacy
May 18--20, 2015
San Jose, CA
http://www.ieee-security.org/TC/SP2015/
ABSTRACT
We present the design of an algorithm to maximize the number of bugs found for black-box mutational fuzzing given a program and a seed input. The major intuition is to leverage white-box symbolic analysis on an execution trace for a given program-seed pair to detect dependencies among the bit positions of an input, and then use this dependency relation to compute a probabilistically optimal mutation ratio for this program-seed pair. Our result is promising: we found an average of 38.6% more bugs than three previous fuzzers over 8 applications using the same amount of fuzzing time.
