Abstract
We present a new method for random testing of binary executables inspired by biology. In our approach, we introduce the first fuzzer based on a mathematical model for optimal foraging. To minimize search time for possible vulnerabilities, we generate test cases with Levy flights in the input space. In order to dynamically adapt test generation behavior to actual path exploration performance, we define a suitable measure for quality evaluation of test cases. This measure takes into account previously discovered code regions and allows us to construct a feedback mechanism. By controlling diffusivity of the test case generating Levy processes with evaluation feedback from dynamic instrumentation, we are able to define a fully self-adaptive fuzzing algorithm. We aggregate multiple instances of such Levy flights to fuzzing swarms which reveal flexible, robust, decentralized, and self-organized behavior.
Highlights
As software ever increases in size and complexity, we face the significant challenge to validate the systems surrounding us
We generate a steady stream of new test cases which we directly evaluate with respect to the set of previously generated inputs
Just like search patterns in biology have evolved to optimal foraging strategies due to natural selection, so have evolved mathematical models to describe those patterns
Summary
As software ever increases in size and complexity, we face the significant challenge to validate the systems surrounding us. Possible approaches range from dynamic symbolic [1, 2] and concolic [3,4,5] execution to more or less random testing using generational, mutational, black-box, or white-box fuzzers [6, 7]. Within the latter domain of random test generation, current strategies for input generation basically rely on heuristics and sophisticated guessing. It is still an open question how to optimally generate inputs that trigger a maximum number of bugs in a finite amount of time
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
