Journal
IEEE TRANSACTIONS ON CYBERNETICS
Volume 52, Issue 5, Pages 3745-3756
Publisher
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/TCYB.2020.3013675
Keywords
Fuzzing; Computer bugs; Predictive models; Machine learning; Feature extraction; Software; Numerical models; Fuzz testing; graph embedding; vulnerability prediction
Funding
- NSFC [U1936215, U1836202, 61772466]
- National Key Research and Development Program of China [2018YFB0804102, 2020YFB1804705]
- Zhejiang Provincial Natural Science Foundation for Distinguished Young Scholars [LR19F020003]
- Zhejiang Provincial Key Research and Development Program [2019C01055, 2020C01021]
- Industrial Internet Innovation and Development Project [TC190A449]
- Major Scientific Project of Zhejiang Lab [2018FD0ZX01]
This article introduces an evolutionary fuzzing framework called V-Fuzz, which efficiently identifies vulnerabilities in binary programs using a vulnerability prediction model and an evolutionary algorithm. Experimental results demonstrate that V-Fuzz is effective in finding bugs and has discovered new vulnerabilities.
Fuzzing is a technique for finding bugs by repeatedly executing a target program with a large number of abnormal inputs. Most coverage-based fuzzers treat all parts of a program equally and concentrate on raising code coverage. This is inefficient, since vulnerable code makes up only a tiny fraction of the whole program. In this article, we design and implement an evolutionary fuzzing framework called V-Fuzz, which aims to find bugs in binary programs efficiently within a limited time budget. V-Fuzz consists of two main components: 1) a vulnerability prediction model and 2) a vulnerability-oriented evolutionary fuzzer. Given a binary program, the vulnerability prediction model first produces a prior estimate of which parts of the program are more likely to be vulnerable. The fuzzer then uses an evolutionary algorithm, guided by that prediction, to generate inputs that are more likely to reach the predicted vulnerable locations. The experimental results demonstrate that V-Fuzz finds bugs efficiently with the assistance of vulnerability prediction. Moreover, V-Fuzz has discovered ten Common Vulnerabilities and Exposures (CVEs), three of which were previously unknown.
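To make the two-component design concrete, the following is an added toy illustration of vulnerability-oriented evolutionary fuzzing; it is not code from V-Fuzz or the paper's authors. It assumes a simulated target (`target`) that reports which basic blocks an input executed, and a static score table (`PREDICTED_SCORES`) standing in for the output of the vulnerability prediction model; the block names, the 64-byte buffer and the seed inputs are all constructed for the example. The fitness of an input is the sum of the predicted scores of the blocks it covers, so seeds that reach the predicted-vulnerable block are selected for mutation more often than seeds that merely add coverage elsewhere.

```python
"""Toy vulnerability-oriented evolutionary fuzzer (illustrative, not V-Fuzz's code)."""
import random

BUF_SIZE = 64  # hypothetical fixed-size destination buffer in the target


def target(data: bytes):
    """Simulated binary: parses 'RIFF' + 4-byte chunk tag + 1-byte length + payload.

    Returns (set of basic-block names executed, crashed flag). Only the
    'data' chunk handler copies `n` bytes into a 64-byte buffer without a check.
    """
    blocks = {"entry"}
    if len(data) < 9 or data[:4] != b"RIFF":
        blocks.add("reject")
        return blocks, False
    blocks.add("header_ok")
    tag, n = data[4:8], data[8]
    if tag == b"fmt ":
        blocks.add("fmt")          # bounds-checked field parsing, never overflows
    elif tag == b"data":
        blocks.add("data_copy")    # memcpy(buf, payload, n) with no check on n
        if n > BUF_SIZE:
            return blocks, True    # simulated stack-buffer overflow -> crash
    else:
        blocks.add("skip")
    return blocks, False


# Stand-in for the vulnerability prediction model: higher score means the
# block is predicted more likely to be vulnerable (hypothetical values).
PREDICTED_SCORES = {"entry": 1, "reject": 1, "header_ok": 2,
                    "fmt": 2, "skip": 2, "data_copy": 18}

# Constructed seed corpus: one well-formed 'fmt ' chunk, one small 'data' chunk.
SEEDS = [b"RIFFfmt \x10" + b"\x00" * 16, b"RIFFdata\x08" + b"\x00" * 8]


def fitness(blocks, scores):
    """Fitness = sum of predicted vulnerability scores of the covered blocks."""
    return sum(scores.get(b, 0) for b in blocks)


def mutate(data: bytes, rng: random.Random) -> bytes:
    """One random byte-level mutation: overwrite, insert or delete a byte."""
    buf = bytearray(data)
    op = rng.randrange(3)
    if op == 0 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 1:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    elif buf:
        del buf[rng.randrange(len(buf))]
    return bytes(buf)


def fuzz(target_fn, seeds, scores, budget=5000, rng_seed=1):
    """Evolutionary loop guided by predicted scores.

    Parents are chosen with probability proportional to fitness; a child enters
    the pool if it covers a new block or beats its parent's fitness. Returns
    (crashing input or None, number of executions used).
    """
    rng = random.Random(rng_seed)
    pool, seen = [], set()
    for s in seeds:
        blocks, crashed = target_fn(s)
        if crashed:
            return s, 0
        seen |= blocks
        pool.append((fitness(blocks, scores), s))
    for executed in range(1, budget + 1):
        parent_fit, parent = rng.choices(pool, weights=[f for f, _ in pool])[0]
        child = mutate(parent, rng)
        blocks, crashed = target_fn(child)
        if crashed:
            return child, executed
        child_fit = fitness(blocks, scores)
        if not blocks <= seen or child_fit > parent_fit:
            seen |= blocks
            pool.append((child_fit, child))
    return None, budget


if __name__ == "__main__":
    crash, used = fuzz(target, SEEDS, PREDICTED_SCORES)
    print("crash input:", crash, "after", used, "executions")
```

Passing a uniform score table (every block scored 1) turns the same loop into a plain coverage-guided fuzzer, which is a convenient way to compare the two strategies on a target of your own.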
Authors