Abstract

Fuzzing is an important method for binary vulnerability mining: it can analyze binary programs without their source code, which is hard to do with other techniques. But because input generation is blind, binary fuzzing often stays trapped for long periods when newly mutated inputs fail to reach unexplored paths. In this paper, we propose an efficient and flexible fuzzing framework named Tinker. It defines the growth rate of path coverage as a measure of the current state of fuzzing. If the fuzzing falls into a low-speed or blocked state, a symbolic analysis procedure is invoked to generate a new input that helps the fuzzer escape the trap. In the symbolic analysis procedure, we use dynamic execution to track the traversed nodes. The untraversed branches are then identified from the coverage data recorded by American Fuzzy Lop (AFL) [M. Zalewski, American Fuzzy Lop (2014), http://lcamtuf.coredump.cx/afl/]. Finally, we use the control flow graph (CFG) to construct complete paths to these branches, and a new input is generated by symbolic execution. Moreover, to expedite the detection of vulnerabilities, we generate first the inputs that trigger more high-risk system calls, so that the probability of finding vulnerabilities is improved. Tinker has been implemented, and experiments on the DARPA CGC benchmark show that Tinker is more efficient at vulnerability mining than state-of-the-art binary vulnerability mining tools.
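
The following is an added illustration of the workflow the abstract describes; it is not Tinker's code and is not taken from the paper. It models three of the steps on a toy control-flow graph: classifying fuzzing progress from the growth rate of path coverage (the trigger for symbolic analysis), finding CFG branches whose slot in an AFL-style edge bitmap is still empty (AFL hashes an edge as `cur_location ^ (prev_location >> 1)`), and building a complete entry-to-branch path that is then ranked by how many high-risk system calls lie along it. The CFG, block IDs, recorded traces, thresholds (`WINDOW`, `LOW_SPEED`) and the syscall-risk table are all constructed assumptions; the paper's actual thresholds and risk classification are not given in the abstract. The final step, symbolically executing the chosen path to solve for an input, is not modelled here.

```python
"""Added example: a model of Tinker-style stall detection and untraversed-branch
selection. Not Tinker's code; all data below is constructed for illustration."""
from collections import deque

# ---- 1. Coverage growth-rate monitor -------------------------------------
WINDOW = 5        # assumed: number of recent rounds over which growth is averaged
LOW_SPEED = 0.5   # assumed: fewer new paths per round than this is "low-speed"

def fuzz_state(path_counts, window=WINDOW, low_speed=LOW_SPEED):
    """Classify progress from cumulative path counts recorded once per round.
    Returns 'normal', 'low_speed' or 'blocked'; the latter two are the states
    in which the symbolic analysis procedure would be invoked."""
    if len(path_counts) < 2:
        return "normal"
    recent = path_counts[-(window + 1):]
    growth = (recent[-1] - recent[0]) / (len(recent) - 1)  # new paths per round
    if growth == 0:
        return "blocked"
    if growth < low_speed:
        return "low_speed"
    return "normal"

# ---- 2. AFL-style edge bitmap --------------------------------------------
MAP_SIZE = 1 << 16  # AFL's default 64 KiB coverage map

def afl_edge_index(prev_block_id, cur_block_id):
    """AFL's edge hash: cur_location ^ (prev_location >> 1), masked to the map."""
    return (cur_block_id ^ (prev_block_id >> 1)) & (MAP_SIZE - 1)

def record_trace(bitmap, trace):
    """Replay a sequence of block IDs into a hit-count bitmap (prev starts at 0)."""
    prev = 0
    for blk in trace:
        idx = afl_edge_index(prev, blk)
        bitmap[idx] = bitmap.get(idx, 0) + 1
        prev = blk
    return bitmap

def untraversed_branches(cfg, block_ids, bitmap):
    """CFG edges whose bitmap slot was never hit by any recorded trace."""
    return [(src, dst) for src, dsts in cfg.items() for dst in dsts
            if bitmap.get(afl_edge_index(block_ids[src], block_ids[dst]), 0) == 0]

# ---- 3. Path construction and high-risk prioritisation -------------------
def path_to_branch(cfg, entry, branch):
    """Shortest entry->src path (BFS) extended by the untraversed edge src->dst."""
    src, dst = branch
    queue, seen = deque([[entry]]), {entry}
    while queue:
        path = queue.popleft()
        if path[-1] == src:
            return path + [dst]
        for nxt in cfg.get(path[-1], ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def rank_targets(cfg, entry, branches, block_syscalls, high_risk):
    """Return (risk, branch, path) tuples, paths through more high-risk
    syscalls first; ties broken by shorter path."""
    scored = []
    for br in branches:
        path = path_to_branch(cfg, entry, br)
        if path is None:
            continue
        risk = sum(1 for b in path for sc in block_syscalls.get(b, ()) if sc in high_risk)
        scored.append((risk, br, path))
    scored.sort(key=lambda t: (-t[0], len(t[2])))
    return scored

# ---- Constructed sample data ---------------------------------------------
CFG = {  # toy binary: length check -> header parse -> body read -> alloc -> copy
    "entry": ["check_len"], "check_len": ["parse_hdr", "reject"],
    "parse_hdr": ["read_body", "reject"], "read_body": ["alloc", "reject"],
    "alloc": ["copy"], "copy": ["exit"], "reject": ["exit"], "exit": [],
}
BLOCK_IDS = {  # assumed compile-time block IDs, chosen so no two edges collide
    "entry": 0x1000, "check_len": 0x2000, "parse_hdr": 0x4000, "reject": 0x0840,
    "read_body": 0x0400, "alloc": 0x0210, "copy": 0x0100, "exit": 0x00C0,
}
# Constructed traces AFL would have recorded: a too-short input and a bad header.
TRACES = [["entry", "check_len", "reject", "exit"],
          ["entry", "check_len", "parse_hdr", "reject", "exit"]]
BLOCK_SYSCALLS = {"read_body": ("receive",), "alloc": ("allocate",), "exit": ("terminate",)}
HIGH_RISK = {"receive", "allocate"}  # assumed risk table for CGC syscalls

def demo():
    """Identify the branches the recorded traces never took and rank them."""
    bitmap = {}
    for t in TRACES:
        record_trace(bitmap, [BLOCK_IDS[b] for b in t])
    missing = untraversed_branches(CFG, BLOCK_IDS, bitmap)
    return rank_targets(CFG, "entry", missing, BLOCK_SYSCALLS, HIGH_RISK)

if __name__ == "__main__":
    print(fuzz_state([1, 2, 2, 2, 2, 2, 2]))  # blocked: time to call symbolic analysis
    for risk, branch, path in demo():
        print(risk, branch, " -> ".join(path))
```

With the two recorded traces, five CFG edges remain untraversed; the highest-ranked target is the path through `read_body` into `alloc`, because it passes both assumed high-risk calls. A real implementation must also cope with AFL's bitmap collisions (two edges hashing to the same slot make an untraversed edge look covered), which is why the sample block IDs were chosen to be collision-free.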
