Removing Uninteresting Bytes in Software Fuzzing

2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)(2022)

引用 0|浏览41
Software fuzzing mutates bytes in test seeds to explore different behaviors of a program under test. Initial seeds can have great impact on the performance of fuzzing campaigns. Mutating a lot of uninteresting bytes in a large seed wastes the fuzzing resources and slows down the exploration of important parts of the program. However, identifying "uninteresting" bytes is difficult. In this paper, we propose and evaluate Diar, a simple approach for mitigating the problem of uninteresting bytes in the seeds. In this approach, we call a byte uninteresting if its removal does not substantially change the coverage of a seed. Next, we use the non-adequate test reduction technique to remove such bytes in the seeds. We performed a preliminary study by applying this approach on the initial seeds in two fuzzing campaigns. Our results suggest fuzzing campaigns that start with reduced seeds, find new paths faster, and can produce higher coverage overall.
fuzzing campaigns,uninteresting bytes,software fuzzing,fuzzing resources,nonadequate test reduction technique,Diar approach
AI 理解论文