Hashing Fuzzing: Introducing Input Diversity to Improve Crash Detection
نویسندگان
چکیده
The utility of a test set program inputs is strongly influenced by its diversity and size. Syntax coverage has become standard proxy for diversity. Although more sophisticated measures exist, such as proximity sample to uniform distribution, methods use them tend be type dependent. We r-wise hash functions create novel, semantics preserving, testability transformation C programs that we call HashFuzz. Use HashFuzz improves the sets produced instrumentation-based fuzzers. evaluate effect on eight from Google Fuzzer Test Suite using four state-of-the-art fuzzers have been widely used in previous research. demonstrate pronounced improvements performance transformed across all used. These include strong every case, maintenance or small improvement branch – up 4.8 perent best significant unique crash detection numbers between 28 97 increases compared untransformed programs.
منابع مشابه
Efficient Program Exploration by Input Fuzzing
One of the issues of a malware detection service is to update its database. For that, an analysis of new samples must be performed. Usually, one tries to replay the behavior of malware in a safe environment. But, a bot sample may activate a malicious function only if it receives some particular input from its command and control server. The game is to find inputs which activate all relevant bra...
متن کاملLearn&Fuzz: machine learning for input fuzzing
Fuzzing consists of repeatedly testing an application with modified, or fuzzed, inputs with the goal of finding security vulnerabilities in input-parsing code. In this paper, we show how to automate the generation of an input grammar suitable for input fuzzing using sample inputs and neural-network-based statistical machine-learning techniques. We present a detailed case study with a complex in...
متن کاملAn Ensemble Diversity Approach to Binary Hashing
Introduction Information retrieval tasks such as searching for a query image or document in a database are essentially a nearest-neighbor search. When the dimensionality of the query and the size of the database is large, approximate search is necessary. We focus on binary hashing, where the query and database are mapped onto low-dimensional binary vectors, where the search is performed. This h...
متن کاملIntroducing Non-linear Analysis into Sustained Speech Characterization to Improve Sleep Apnea Detection
We present a novel approach for detecting severe obstructive sleep apnea (OSA) cases by introducing non-linear analysis into sustained speech characterization. The proposed scheme was designed for providing additional information into our baseline system, built on top of state-of-the-art cepstral domain modeling techniques, aiming to improve accuracy rates. This new information is lightly corre...
متن کاملCrash-Quiescent Failure Detection
A distributed algorithm is crash quiescent if it eventually stops sending messages to crashed processes. An algorithm can be made crash quiescent by providing it with either a crash notification service or a reliable communication service. Both services can be implemented in practical environments with failure detectors. Therefore, crash-quiescent failure detection is fundamental to system-wide...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Software Engineering
سال: 2022
ISSN: ['0098-5589', '1939-3520', '2326-3881']
DOI: https://doi.org/10.1109/tse.2021.3100858