DOI: 10.1145/3236024.3275525
Research article
PAFL: extend fuzzing optimizations of single mode to industrial parallel mode

Published: 26 October 2018

Abstract

Researchers have proposed many optimizations to improve the efficiency of fuzzing, and most optimized strategies work very well on their targets when running in single mode, i.e. with a single fuzzer instance. However, in real industrial practice, most fuzzers run in parallel mode with multiple fuzzer instances, and those optimizations unfortunately fail to maintain their efficiency improvements.
In this paper, we present PAFL, a framework that uses efficient guiding-information synchronization and task division to extend existing single-mode fuzzing optimizations to industrial parallel mode. With an additional data structure to store the guiding information, the synchronization ensures that the information is shared and updated among the different fuzzer instances in a timely manner. The task division then promotes diversity among fuzzer instances by splitting the fuzzing task into several sub-tasks based on the branch bitmap. We first evaluate PAFL on 12 real-world programs from the Google fuzzer-test-suite. The results show that in parallel mode, the two AFL improvers, AFLFast and FairFuzz, do not outperform AFL, which differs from the single-mode case. However, when augmented with PAFL, AFLFast and FairFuzz perform better in parallel mode: they cover 8% and 17% more branches and trigger 79% and 52% more unique crashes, respectively. In a further evaluation on more widely used software systems from GitHub, optimized fuzzers augmented with PAFL find more real bugs, 25 of which are security-critical vulnerabilities registered as CVEs in the US National Vulnerability Database.
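As an added illustration (not code from the PAFL paper or from AFL), the following simplified Python model shows the two ideas the abstract names: a shared guiding-information structure that merges branch coverage from every instance, and a task division that assigns the bitmap's branches to instances as sub-tasks so that a newly covering input is routed to the instance that owns it. The 16-entry bitmap, the contiguous partition and the routing rule are assumptions of this example, not PAFL's actual design.

```python
"""Simplified model of PAFL-style task division over an AFL-like branch bitmap.

Added example, not code from the PAFL paper or from AFL. Assumes a coverage
bitmap in which each index is one branch and a nonzero byte means it was hit.
"""
from typing import Dict, List, Tuple


def divide_bitmap(size: int, instances: int) -> List[Tuple[int, int]]:
    """Split branch indices [0, size) into one contiguous sub-task per instance.
    Contiguous slices are an assumption of this model, not the paper's rule."""
    step, rem = divmod(size, instances)
    bounds, start = [], 0
    for i in range(instances):
        end = start + step + (1 if i < rem else 0)  # spread the remainder
        bounds.append((start, end))
        start = end
    return bounds


class GuidingInfo:
    """Shared structure: union of the branch coverage seen by every instance."""

    def __init__(self, size: int) -> None:
        self.covered = bytearray(size)  # nonzero = some instance already hit it

    def sync(self, trace_bits: bytes) -> List[int]:
        """Merge one execution trace; return the branches new to the whole swarm."""
        new = [i for i, hit in enumerate(trace_bits) if hit and not self.covered[i]]
        for i in new:
            self.covered[i] = 1
        return new


def assign_new_input(trace_bits: bytes, bounds: List[Tuple[int, int]],
                     shared: GuidingInfo) -> Dict[int, List[int]]:
    """Sync a trace into the shared info, then route the input to the instances
    whose sub-task owns the newly covered branches. An empty result means the
    input adds nothing for the swarm and no instance needs to keep it."""
    owners: Dict[int, List[int]] = {}
    for branch in shared.sync(trace_bits):
        for idx, (lo, hi) in enumerate(bounds):
            if lo <= branch < hi:
                owners.setdefault(idx, []).append(branch)
                break
    return owners
```

Because every instance syncs through the same `GuidingInfo`, a second instance that produces the same trace gets an empty assignment and does not duplicate the work, which is the effect the synchronization is meant to have.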

Contents

  Abstract
  1. Introduction
  2. Background
  3. PAFL Design
     3.1 Information Synchronization Mechanism
     3.2 Task Division Mechanism
  4. Evaluation
     4.1 Google Benchmark Evaluation
     4.2 GitHub CVE Mining
  5. Discussion
  6. Conclusion
  References



Published In

ESEC/FSE 2018: Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering
October 2018
987 pages
ISBN:9781450355735
DOI:10.1145/3236024

Publisher

Association for Computing Machinery

New York, NY, United States



Author Tags

  1. Fuzzing
  2. Parallel
  3. Software testing

Qualifiers

  • Research-article

Conference

ESEC/FSE '18

Acceptance Rates

Overall Acceptance Rate 112 of 543 submissions, 21%

Article Metrics

  • Downloads (Last 12 months)70
  • Downloads (Last 6 weeks)6
Reflects downloads up to 14 Dec 2024

Cited By

  • (2024) MicroFuzz: An Efficient Fuzzing Framework for Microservices. Proceedings of the 46th International Conference on Software Engineering: Software Engineering in Practice, 216-227. DOI 10.1145/3639477.3639723. Online publication date: 14-Apr-2024
  • (2024) Multiple Targets Directed Greybox Fuzzing. IEEE Transactions on Dependable and Secure Computing 21(1), 325-339. DOI 10.1109/TDSC.2023.3253120. Online publication date: Jan-2024
  • (2024) Parallel Fuzzing of IoT Messaging Protocols Through Collaborative Packet Generation. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 43(11), 3431-3442. DOI 10.1109/TCAD.2024.3444705. Online publication date: Nov-2024
  • (2024) Titan: Efficient Multi-target Directed Greybox Fuzzing. 2024 IEEE Symposium on Security and Privacy (SP), 1849-1864. DOI 10.1109/SP54263.2024.00059. Online publication date: 19-May-2024
  • (2024) A systematic review of fuzzing. Soft Computing - A Fusion of Foundations, Methodologies and Applications 28(6), 5493-5522. DOI 10.1007/s00500-023-09306-2. Online publication date: 1-Mar-2024
  • (2023) µFUZZ. Proceedings of the 32nd USENIX Conference on Security Symposium, 1325-1342. DOI 10.5555/3620237.3620312. Online publication date: 9-Aug-2023
  • (2023) TAEF: A Task Allocation-Based Ensemble Fuzzing Framework for Optimizing the Advantages of Heterogeneous Fuzzers. Applied Sciences 13(24), 13042. DOI 10.3390/app132413042. Online publication date: 7-Dec-2023
  • (2023) PosFuzz: augmenting greybox fuzzing with effective position distribution. Cybersecurity 6(1). DOI 10.1186/s42400-023-00143-2. Online publication date: 1-Jun-2023
  • (2023) Horus: Accelerating Kernel Fuzzing through Efficient Host-VM Memory Access Procedures. ACM Transactions on Software Engineering and Methodology 33(1), 1-25. DOI 10.1145/3611665. Online publication date: 8-Aug-2023
  • (2023) Leveraging Hardware Probes and Optimizations for Accelerating Fuzz Testing of Heterogeneous Applications. Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 1101-1113. DOI 10.1145/3611643.3616318. Online publication date: 30-Nov-2023
