Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
8-2019
Abstract
Existing greybox fuzzers mainly use program coverage as the goal that guides the fuzzing process. To maximize their output, coverage-based greybox fuzzers need to evaluate the quality of seeds properly, which involves making two decisions: 1) which seed is the most promising one to fuzz next (seed prioritization), and 2) how much effort should be spent on the current seed (power scheduling). In this paper, we present our fuzzer, Cerebro, to address the above challenges. For the seed prioritization problem, we propose an online multi-objective algorithm that balances various metrics such as code complexity, coverage and execution time. To address the power scheduling problem, we introduce the concept of input potential to measure the complexity of uncovered code and propose a cost-effective algorithm to update it dynamically. Unlike previous approaches, where the fuzzer evaluates an input solely on the basis of the execution traces it has covered, Cerebro is able to foresee the benefits of fuzzing the input by adaptively evaluating its input potential. We perform a thorough evaluation of Cerebro on 8 different real-world programs. The experiments show that Cerebro can find more vulnerabilities and achieve better coverage than state-of-the-art fuzzers such as AFL and AFLFast.
Keywords
Fuzz Testing, Software Vulnerability
Discipline
OS and Networks | Software Engineering
Research Areas
Software and Cyber-Physical Systems
Publication
Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Tallinn, Estonia, August 26-30
First Page
533
Last Page
544
ISBN
9781450355728
Identifier
10.1145/3338906.3338975
Publisher
Association for Computing Machinery
City or Country
Tallinn, Estonia
Citation
LI, Yuekang; XUE, Yinxing; CHEN, Hongxu; WU, Xiuheng; ZHANG, Cen; XIE, Xiaofei; WANG, Haijun; and LIU, Yang.
Cerebro: Context-aware adaptive fuzzing for effective vulnerability detection. (2019). Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, Tallinn, Estonia, August 26-30. 533-544.
Available at: https://ink.library.smu.edu.sg/sis_research/7072
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.