Litcius/Paper detail

WindRanger

Zhengjie Du, Yuekang Li, Yang Liu, Bing Mao

2022Proceedings of the 44th International Conference on Software Engineering64 citationsDOI

Abstract

Directed grey-box fuzzing (DGF) is a security testing technique that aims to steer the fuzzer towards predefined target sites in the program. To gain directedness, DGF prioritizes the seeds whose execution traces are closer to the target sites. Therefore, evaluating the distance between the execution trace of a seed and the target sites (aka, the seed distance) is important for DGF. The first directed grey-box fuzzer, AFLGo, uses an approach of calculating the basic block level distances during static analysis and accumulating the distances of the executed basic blocks to compute the seed distance. Following AFLGo, most of the existing state-of-the-art DGF techniques use all the basic blocks on the execution trace and only the control flow information for seed distance calculation. However, not every basic block is equally important and there are certain basic blocks where the execution trace starts to deviate from the target sites (aka, deviation basic blocks).

Topics & Concepts

Fuzz testingTRACE (psycholinguistics)Computer scienceAKABlock (permutation group theory)Control flowAlgorithmProgramming languageMathematicsSoftwarePhilosophyGeometryLinguisticsLibrary scienceSoftware Testing and Debugging TechniquesAdvanced Malware Detection TechniquesSoftware Reliability and Analysis Research