Conference
MC2: Rigorous and Efficient Directed Greybox Fuzzing
| العنوان: | MC2: Rigorous and Efficient Directed Greybox Fuzzing |
|---|---|
| المؤلفون: | Shah, Abhishek, She, Dongdong, Sadhu, Samanway, Singal, Krish, Coffman, Peter, Jana, Suman |
| بيانات النشر: | Association for Computing Machinery |
| سنة النشر: | 2022 |
| المجموعة: | The Hong Kong University of Science and Technology: HKUST Institutional Repository |
| مصطلحات موضوعية: | Automated vulnerability detection, Execution complexity, Greybox fuzzing, Monte carlo counting, Noisy binary search |
| الوصف: | Directed greybox fuzzing is a popular technique for targeted software testing that seeks to find inputs that reach a set of target sites in a program. Most existing directed greybox fuzzers do not provide any theoretical analysis of their performance or optimality. In this paper, we introduce a complexity-theoretic framework to pose directed greybox fuzzing as an oracle-guided search problem where some feedback about the input space (e.g., how close an input is to the target sites) is received by querying an oracle. Our framework assumes that each oracle query can return arbitrary content with a large but constant amount of information. Therefore, we use the number of oracle queries required by a fuzzing algorithm to find a target-reaching input as the performance metric. Using our framework, we design a randomized directed greybox fuzzing algorithm that makes a logarithmic (wrt. the number of all possible inputs) number of queries in expectation to find a target-reaching input. We further prove that the number of oracle queries required by our algorithm is optimal, i.e., no fuzzing algorithm can improve (i.e., minimize) the query count by more than a constant factor. We implement our approach in MC2 and outperform state-of-the-art directed greybox fuzzers on challenging benchmarks (Magma and Fuzzer Test Suite) by up to two orders of magnitude (i.e., 134times) on average. MC2 also found 15 previously undiscovered bugs that other state-of-the-art directed greybox fuzzers failed to find. |
| نوع الوثيقة: | conference object |
| اللغة: | English |
| تدمد: | 1543-7221 |
| Relation: | https://repository.hkust.edu.hk/ir/Record/1783.1-128690; CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security / Association for Computing Machinery. New York, NY : Association for Computing Machinery, 2022, p. 2595-2609; https://doi.org/10.1145/3548606.3560648; http://lbdiscover.ust.hk/uresolver?url_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rfr_id=info:sid/HKUST:SPI&rft.genre=article&rft.issn=1543-7221&rft.volume=&rft.issue=&rft.date=2022&rft.spage=2595&rft.aulast=Shah&rft.aufirst=Abhishek&rft.atitle=MC2%3A+Rigorous+and+Efficient+Directed+Greybox+Fuzzing&rft.title=Proceedings+of+the+ACM+Conference+on+Computer+and+Communications+Security; http://www.scopus.com/record/display.url?eid=2-s2.0-85143048074&origin=inward |
| DOI: | 10.1145/3548606.3560648 |
| الاتاحة: | https://repository.hkust.edu.hk/ir/Record/1783.1-128690 https://doi.org/10.1145/3548606.3560648 http://lbdiscover.ust.hk/uresolver?url_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rfr_id=info:sid/HKUST:SPI&rft.genre=article&rft.issn=1543-7221&rft.volume=&rft.issue=&rft.date=2022&rft.spage=2595&rft.aulast=Shah&rft.aufirst=Abhishek&rft.atitle=MC2%3A+Rigorous+and+Efficient+Directed+Greybox+Fuzzing&rft.title=Proceedings+of+the+ACM+Conference+on+Computer+and+Communications+Security http://www.scopus.com/record/display.url?eid=2-s2.0-85143048074&origin=inward |
| رقم الانضمام: | edsbas.E52B9D27 |
| قاعدة البيانات: | BASE |
| تدمد: | 15437221 |
|---|---|
| DOI: | 10.1145/3548606.3560648 |