Article | Oct 27, 2017 | Closed access

Directed Greybox Fuzzing

National University of Singapore

Indexed in Crossref

Abstract

Existing Greybox Fuzzers (GF) cannot be effectively directed, for instance, towards problematic changes or patches, towards critical system calls or dangerous locations, or towards functions in the stack-trace of a reported vulnerability that we wish to reproduce. In this paper, we introduce Directed Greybox Fuzzing (DGF) which generates inputs with the objective of reaching a given set of target program locations efficiently. We develop and evaluate a simulated annealing-based power schedule that gradually assigns more energy to seeds that are closer to the target locations while reducing energy for seeds that are further away. Experiments with our implementation AFLGo demonstrate that DGF outperforms both…

Citation impact

  • Total citations: 714
  • FWCI: 67.52
  • Percentile: 100%
  • References: 47

Authors

4

Topics & keywords

Keywords
  • Fuzz testing
  • Computer science
  • Schedule
  • Programming language
  • Set (abstract data type)
  • Vulnerability (computing)
  • Crash
  • Computer security
UN Sustainable Development Goals
  • Affordable and clean energy