The Human Side of Fuzzing: Challenges Faced by Developers During Fuzzing Activities
Authors
Abstract
Fuzz testing, also known as fuzzing, is a software testing technique aimed at identifying vulnerabilities. In recent decades, fuzzing has gained increasing popularity in the research community. However, existing studies led by experts mainly focus on improving coverage and performance of techniques. That is, there is still a gap in empirical knowledge regarding fuzzing, especially about the challenges developers face when they adopt fuzzing. Understanding these challenges can provide valuable insights to both practitioners and researchers on how to further improve fuzzing processes and techniques. We conducted a study to understand the challenges encountered by developers during fuzzing. More specifically, we first manually analyzed 829 randomly sampled fuzzing-related GitHub issues and constructed a taxonomy consisting of 39 types of challenges (22 related to the fuzzing process itself, 17 related to using external fuzzing providers). We then surveyed 106 practitioners to verify the validity of our taxonomy and collected feedback on how the fuzzing process can be improved. Our taxonomy, accompanied with representative examples and highlighted implications, can serve as a reference point on how to better adopt fuzzing techniques for practitioners, and indicates potential directions researchers can work on toward better fuzzing approaches and practices.
Similar resources
H-Fuzzing: A New Heuristic Method for Fuzzing Data Generation
How to efficiently reduce the fuzzing data scale while assuring high fuzzing veracity and vulnerability coverage is a pivotal issue in program fuzz test. This paper proposes a new heuristic method for fuzzing data generation named with H-Fuzzing. H-Fuzzing achieves a high program execution path coverage by retrieving the static information and dynamic property from the program. Our experiments ...
Deep Reinforcement Fuzzing
Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov decision processes. This in turn allows us to apply state-of-the-art deep Q-learning algorithms that optimize rewards, which we define from runtime properties of...
Directed Fuzzing Techniques
Beyond the more general fuzzing techniques that are, among others, used to generate tests with a certain amount of coverage, there exist techniques to direct fuzzers with the goal to execute specific program parts (recent changes, critical system calls, ...). A recent approach is described in [1]. The student is to examine the approach described in the given paper and compare it to similar exis...
0-knowledge fuzzing
Nowadays fuzzing is a pretty common technique used both by attackers and software developers. Currently known techniques usually involve knowing the protocol/format that needs to be fuzzed and having a basic understanding of how the user input is processed inside the binary. In the past since fuzzing was little-used obtaining good results with a small amount of effort was possible. Today findin...
Journal
Journal title: ACM Transactions on Software Engineering and Methodology
Year: 2023
ISSN: 1049-331X, 1557-7392
DOI: https://doi.org/10.1145/3611668