Abstract
Fuzzing detects hidden defects and vulnerabilities in software by generating large amounts of malformed input data and monitoring for program anomalies. Existing fuzzing methods suffer from data imbalance when modeling program branching behavior, which makes it difficult to accurately locate the data fields that are strongly correlated with low-frequency branching decisions. In addition, existing methods do not determine the mutation direction when mutating test data and do not distinguish between valid and invalid data fields, resulting in repeated testing of the same program branches. In this paper, we propose a fuzzing method that enhances the coverage of low-frequency program branches. A low-frequency perception network and a forward gradient-guided mutation strategy are proposed to determine both the magnitude and the sign of mutations applied to key data fields. Experiments show that the proposed method effectively improves code coverage by increasing low-frequency branch coverage.