Proj THUDBFuzz Paper Reading: A Review of Machine Learning Applications in Fuzzing

2 Overview of Fuzzing

Generation-based fuzzer

Peach, Sulley

Evolutionary Fuzzers

honggfuzz, AFL, libFuzzer

Mutation-based fuzzers

  1. where to mutate
  2. what new value to use for the mutation

Common mutation methods: random generation, specific bit flips, integer increments, integer bound analysis, substitution
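As an added illustration (not code from the paper or from these notes), the following Python sketch implements the two decisions a mutation-based fuzzer makes, where to mutate and what value to use, with the mutation operators listed above. The seed record, the field layout and the `INTERESTING_32` boundary list are constructed assumptions for the example.

```python
import random
import struct

# Constructed sample seed: a 4-byte tag, a little-endian uint32 length, a payload.
SEED = b"HDR\x00" + struct.pack("<I", 100) + b"payload"

# Integer boundary values typically tried by "integer bound analysis" (assumed list).
INTERESTING_32 = [0, 1, 0x7F, 0x80, 0xFF, 0x7FFFFFFF, 0x80000000, 0xFFFFFFFF]


def flip_bit(data: bytes, pos: int, bit: int) -> bytes:
    """Specific bit flip: toggle bit `bit` of the byte at offset `pos`."""
    buf = bytearray(data)
    buf[pos] ^= 1 << bit
    return bytes(buf)


def increment_int(data: bytes, pos: int, delta: int) -> bytes:
    """Integer increment: add `delta` to the uint32 at `pos`, wrapping at 32 bits."""
    buf = bytearray(data)
    (val,) = struct.unpack_from("<I", buf, pos)
    struct.pack_into("<I", buf, pos, (val + delta) & 0xFFFFFFFF)
    return bytes(buf)


def substitute_interesting(data: bytes, pos: int, value: int) -> bytes:
    """Substitution: overwrite the uint32 at `pos` with a boundary value."""
    buf = bytearray(data)
    struct.pack_into("<I", buf, pos, value)
    return bytes(buf)


def random_generate(length: int, rng: random.Random) -> bytes:
    """Random generation: a fresh buffer that ignores the seed entirely."""
    return bytes(rng.getrandbits(8) for _ in range(length))


def mutate(data: bytes, rng: random.Random) -> bytes:
    """Pick one operator (what) and one offset (where) at random."""
    op = rng.choice(["flip", "inc", "subst", "random"])
    if op == "flip":
        return flip_bit(data, rng.randrange(len(data)), rng.randrange(8))
    if op == "inc" and len(data) >= 4:
        pos = rng.randrange(len(data) - 3)
        return increment_int(data, pos, rng.choice([-1, 1, 16, -16]))
    if op == "subst" and len(data) >= 4:
        pos = rng.randrange(len(data) - 3)
        return substitute_interesting(data, pos, rng.choice(INTERESTING_32))
    return random_generate(len(data), rng)


if __name__ == "__main__":
    rng = random.Random(1)  # fixed seed so a run is reproducible
    for _ in range(5):
        print(mutate(SEED, rng))
```

Real fuzzers such as AFL choose the offset far more carefully (for example, targeting fields that already drove new coverage), which is exactly the gap the machine-learning work surveyed later tries to close.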

Symbolic Execution

  1. Driller
  2. SAGE

The cost of symbolic execution has to be balanced: the computational costs and path explosion remain significant hurdles.

Input test scheduling

FuzzSim: can quickly compare input-selection strategies by using the performance information of inputs across many iterations
SEC Consult ignores part of the input space based on manual analysis

Interesting Program State

  1. Tools such as Valgrind can detect memory corruption even when the program does not crash
  2. Heelan et al. use fuzzing to identify potential memory allocators

The definition of what an interesting program state should be remains a research challenge

Evaluate Inputs

libFuzzer uses data coverage: if an input causes new data values to appear in a comparison that has already been compared before, that input also receives a high score
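To make the data-coverage idea concrete, here is an added Python example (not libFuzzer's code and not from the notes) in which a toy parser's comparisons are instrumented through a tracer. An input is scored by how many (comparison site, operand value) pairs it produces that have never been observed; the `parse_record` format and the site names are constructed for the example.

```python
class CmpTracer:
    """Records every operand value seen at every comparison site."""

    def __init__(self):
        self.seen = set()        # (site, operand) pairs observed over the whole campaign
        self.new_this_run = 0    # pairs first seen while running the current input

    def cmp(self, site, a, b):
        """Instrumented equality check: note any operand value new to this site."""
        for operand in (a, b):
            key = (site, operand)
            if key not in self.seen:
                self.seen.add(key)
                self.new_this_run += 1
        return a == b


def parse_record(data: bytes, tr: CmpTracer) -> str:
    """Constructed toy target: 4-byte magic, uint32 length, then a body."""
    if not tr.cmp("magic", data[:4], b"FUZZ"):
        return "bad-magic"
    if len(data) < 8:
        return "short"
    length = int.from_bytes(data[4:8], "little")
    if not tr.cmp("len", length, len(data) - 8):
        return "bad-len"
    return "ok"


def score_input(data: bytes, tr: CmpTracer):
    """Run one input and return (number of new comparison values, parse result)."""
    tr.new_this_run = 0
    result = parse_record(data, tr)
    return tr.new_this_run, result


if __name__ == "__main__":
    tracer = CmpTracer()
    # Constructed corpus: the second input repeats the first, so it scores 0.
    for sample in [b"AAAA", b"AAAA", b"FUZZ\x03\x00\x00\x00abc", b"FUZZ\x03\x00\x00\x00ab"]:
        print(sample, score_input(sample, tracer))
```

The first input scores because it reveals both its own magic and the expected constant `b"FUZZ"` at the `magic` site; the repeat scores zero even though it takes the same path, and the later inputs score again only when the `len` site sees a value it has not compared before. This is the signal a fuzzer can feed back into scheduling, independent of whether any new code was reached.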

3 Applications of Machine Learning to Fuzzing

AFL uses a genetic algorithm for input generation;
considerable research has gone into reducing the time spent solving constraint equations in symbolic execution, crash triage (determining which of a large set of interesting program states are related to bugs), and root cause categorization

Generate Inputs


Original article: https://www.cnblogs.com/xuesu/p/14509932.html
