Removing Uninteresting Bytes in Software Fuzzing

2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)(2022)

引用 0|浏览41
暂无评分
摘要
Software fuzzing mutates bytes in test seeds to explore different behaviors of a program under test. Initial seeds can have great impact on the performance of fuzzing campaigns. Mutating a lot of uninteresting bytes in a large seed wastes the fuzzing resources and slows down the exploration of important parts of the program. However, identifying "uninteresting" bytes is difficult. In this paper, we propose and evaluate Diar, a simple approach for mitigating the problem of uninteresting bytes in the seeds. In this approach, we call a byte uninteresting if its removal does not substantially change the coverage of a seed. Next, we use the non-adequate test reduction technique to remove such bytes in the seeds. We performed a preliminary study by applying this approach on the initial seeds in two fuzzing campaigns. Our results suggest fuzzing campaigns that start with reduced seeds, find new paths faster, and can produce higher coverage overall.
更多
查看译文
关键词
fuzzing campaigns,uninteresting bytes,software fuzzing,fuzzing resources,nonadequate test reduction technique,Diar approach
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络