Write a Blog >>
ICSE 2020
Wed 24 June - Thu 16 July 2020
Fri 10 Jul 2020 15:12 - 15:20 at Silla - A21-Testing and Debugging 3 Chair(s): Tingting Yu

Coverage-based greybox fuzzing (CGF) is one of the most successful approaches for automated vulnerability detection. Given a seed file (as a sequence of bits), a CGF randomly flips, deletes or copies some bits to generate new files. CGF iteratively constructs (and fuzzes) a seed corpus by retaining those generated files which enhance coverage. However, random bitflips are unlikely to produce valid files (or valid chunks in files), for applications processing complex file formats. In this work, we introduce smart greybox fuzzing (SGF) which leverages a high-level structural representation of the seed file to generate new files. We define innovative mutation operators that work on the virtual file structure rather than on the bit level which allows SGF to explore completely new input domains while maintaining file validity. We introduce a novel validity-based power schedule that enables SGF to spend more time generating files that are more likely to pass the parsing stage of the program, which can expose vulnerabilities much deeper in the processing logic. Our evaluation demonstrates the effectiveness of SGF. On several libraries that parse complex chunk-based files, our tool AFLSmart achieves substantially more branch coverage (up to 87% improvement) and exposes more vulnerabilities than baseline AFL. Our tool AFLSmart discovered 42 zero-day vulnerabilities in widely-used, well-tested tools and libraries; 22 CVEs were assigned.

Fri 10 Jul
Times are displayed in time zone: (UTC) Coordinated Universal Time change

15:00 - 16:00: A21-Testing and Debugging 3Paper Presentations / Journal First / Technical Papers at Silla
Chair(s): Tingting YuUniversity of Kentucky
15:00 - 15:12
Schrödinger's Security: Opening the Box on App Developers' Security RationaleTechnical
Technical Papers
Dirk van der LindenUniversity of Bristol, Pauline AnthonysamyGoogle Inc., Bashar NuseibehThe Open University (UK) & Lero (Ireland), Thein Tun, Marian PetreThe Open University, Mark LevineLancaster University, John TowseLancaster University, Awais RashidUniversity of Bristol, UK
15:12 - 15:20
Smart Greybox FuzzingJ1
Journal First
Van-Thuan PhamMonash University, Marcel BöhmeMonash University, Andrew SantosaNational University of Singapore, Alexandru Răzvan CăciulescuUiPath, Abhik RoychoudhuryNational University of Singapore, Singapore
15:20 - 15:28
Deep Transfer Bug LocalizationJ1
Journal First
Xuan HuoNanjing University, Ferdian ThungSingapore Management University, Ming LiNanjing University, David LoSingapore Management University, Shu-Ting ShiNanjing University
15:28 - 15:36
A Benchmark-Based Evaluation of Search-Based Crash ReproductionJ1
Journal First
Mozhan SoltaniLeiden University, Pouria DerakhshanfarDelft University of Technology, Xavier DevroeyDelft University of Technology, Arie van DeursenDelft University of Technology
Link to publication DOI Pre-print Media Attached
15:36 - 15:48
An Investigation of Cross-Project Learning in Online Just-In-Time Software Defect PredictionTechnical
Technical Papers
Sadia TabassumUniversity of Birmingham, UK, Leandro MinkuUniversity of Birmingham, UK, Danyi FengXiLiu Tech, George CabralUniversidade Federal Rural de Pernambuco, Liyan SongUniversity of Birmingham
15:48 - 15:56
An Empirical Study of the Long Duration of Continuous Integration BuildsJ1
Journal First
Taher Ahmed GhalebQueen's University, Daniel Alencar Da CostaUniversity of Otago, Ying ZouQueen's University, Kingston, Ontario
Link to publication DOI Pre-print