AMSFuzz: An adaptive mutation schedule for fuzzing. (1st December 2022)
- Record Type:
- Journal Article
- Title:
- AMSFuzz: An adaptive mutation schedule for fuzzing. (1st December 2022)
- Main Title:
- AMSFuzz: An adaptive mutation schedule for fuzzing
- Authors:
- Zhao, Xiaoqi
Qu, Haipeng
Xu, Jianliang
Li, Shuo
Wang, Gai-Ge
- Abstract:
- Mutation-based fuzzing is one of the most popular software testing techniques. After allocating a specific amount of energy (i.e., the number of testcases generated by the seed) for the seed, it uses existing mutation operators to continuously mutate the seed to generate new testcases and feed them into the target program to discover unexpected behaviors, such as bugs, crashes, and vulnerabilities. However, the random selection of mutation operators and sequential selection of mutation positions in existing fuzzers affect path discovery and bug detection. In this paper, a novel adaptive mutation schedule framework, AMSFuzz, is proposed. For the random selection of mutation operators, AMSFuzz has the ability to adaptively adjust the probability distribution of mutation operators to select mutation operators. Aiming at the sequential selection of mutation positions, seeds are dynamically sliced with different sizes during the fuzzing process, giving more seeds the opportunity to preferentially mutate and improving the efficiency of fuzzing. AMSFuzz is implemented and evaluated on 12 real-world programs and the LAVA-M dataset. The results show that AMSFuzz substantially outperforms state-of-the-art fuzzers in terms of path discovery and bug detection. Additionally, AMSFuzz has detected 17 previously unknown bugs in several projects, 15 of which were assigned CVE IDs.
- Highlights: Mutation operators and mutation regions affect the performance of fuzzing. An adaptive mutation operator schedule and a seed slicing mechanism are proposed. The proposed methods have better performance in path discovery and bug detection.
- Is Part Of:
- Expert systems with applications. Volume 208(2022)
- Journal:
- Expert systems with applications
- Issue:
- Volume 208(2022)
- Issue Display:
- Volume 208, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 208
- Issue:
- 2022
- Issue Sort Value:
- 2022-0208-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-12-01
- Subjects:
- Fuzzing -- Schedule -- Multi-armed bandit problem -- Path discovery -- Bug detection -- Vulnerability
Expert systems (Computer science) -- Periodicals
Systèmes experts (Informatique) -- Périodiques
Electronic journals
006.33
- Journal URLs:
- http://www.sciencedirect.com/science/journal/09574174
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.eswa.2022.118162
- Languages:
- English
- ISSNs:
- 0957-4174
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3842.004220
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 23385.xml