MuFuzz: Sequence-Aware Mutation and Seed Mask Guidance for Blockchain Smart Contract Fuzzing
CoRR(2023)
摘要
As blockchain smart contracts become more widespread and carry more valuable
digital assets, they become an increasingly attractive target for attackers.
Over the past few years, smart contracts have been subject to a plethora of
devastating attacks, resulting in billions of dollars in financial losses.
There has been a notable surge of research interest in identifying defects in
smart contracts. However, existing smart contract fuzzing tools are still
unsatisfactory. They struggle to screen out meaningful transaction sequences
and specify critical inputs for each transaction. As a result, they can only
trigger a limited range of contract states, making it difficult to unveil
complicated vulnerabilities hidden in the deep state space.
In this paper, we shed light on smart contract fuzzing by employing a
sequence-aware mutation and seed mask guidance strategy. In particular, we
first utilize data-flow-based feedback to determine transaction orders in a
meaningful way and further introduce a sequence-aware mutation technique to
explore deeper states. Thereafter, we design a mask-guided seed mutation
strategy that biases the generated transaction inputs to hit target branches.
In addition, we develop a dynamic-adaptive energy adjustment paradigm that
balances the fuzzing resource allocation during a fuzzing campaign. We
implement our designs into a new smart contract fuzzer named MuFuzz, and
extensively evaluate it on three benchmarks. Empirical results demonstrate that
MuFuzz outperforms existing tools in terms of both branch coverage and bug
finding. Overall, MuFuzz achieves higher branch coverage than state-of-the-art
fuzzers (up to 25%) and detects 30% more bugs than existing bug detectors.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要