Write a Blog >>
ICSE 2020
Wed 24 June - Thu 16 July 2020
Fri 10 Jul 2020 15:12 - 15:20 at Silla - A21-Testing and Debugging 3 Chair(s): Tingting Yu

Coverage-based greybox fuzzing (CGF) is one of the most successful approaches for automated vulnerability detection. Given a seed file (as a sequence of bits), a CGF randomly flips, deletes or copies some bits to generate new files. CGF iteratively constructs (and fuzzes) a seed corpus by retaining those generated files which enhance coverage. However, random bitflips are unlikely to produce valid files (or valid chunks in files), for applications processing complex file formats. In this work, we introduce smart greybox fuzzing (SGF) which leverages a high-level structural representation of the seed file to generate new files. We define innovative mutation operators that work on the virtual file structure rather than on the bit level which allows SGF to explore completely new input domains while maintaining file validity. We introduce a novel validity-based power schedule that enables SGF to spend more time generating files that are more likely to pass the parsing stage of the program, which can expose vulnerabilities much deeper in the processing logic. Our evaluation demonstrates the effectiveness of SGF. On several libraries that parse complex chunk-based files, our tool AFLSmart achieves substantially more branch coverage (up to 87% improvement) and exposes more vulnerabilities than baseline AFL. Our tool AFLSmart discovered 42 zero-day vulnerabilities in widely-used, well-tested tools and libraries; 22 CVEs were assigned.

Fri 10 Jul

Displayed time zone: (UTC) Coordinated Universal Time change

15:00 - 16:00
A21-Testing and Debugging 3Journal First / Technical Papers at Silla
Chair(s): Tingting Yu University of Kentucky
15:00
12m
Talk
Schrödinger's Security: Opening the Box on App Developers' Security RationaleTechnical
Technical Papers
Dirk van der Linden University of Bristol, Pauline Anthonysamy Google Inc., Bashar Nuseibeh The Open University (UK) & Lero (Ireland), Thein Tun , Marian Petre The Open University, Mark Levine Lancaster University, John Towse Lancaster University, Awais Rashid University of Bristol, UK
15:12
8m
Talk
Smart Greybox FuzzingJ1
Journal First
Van-Thuan Pham Monash University, Marcel Böhme Monash University, Andrew Santosa National University of Singapore, Alexandru Răzvan Căciulescu UiPath, Abhik Roychoudhury National University of Singapore, Singapore
15:20
8m
Talk
Deep Transfer Bug LocalizationJ1
Journal First
Xuan Huo Nanjing University, Ferdian Thung Singapore Management University, Ming Li Nanjing University, David Lo Singapore Management University, Shu-Ting Shi Nanjing University
15:28
8m
Talk
A Benchmark-Based Evaluation of Search-Based Crash ReproductionJ1
Journal First
Mozhan Soltani Leiden University, Pouria Derakhshanfar Delft University of Technology, Xavier Devroey Delft University of Technology, Arie van Deursen Delft University of Technology
Link to publication DOI Pre-print Media Attached
15:36
12m
Talk
An Investigation of Cross-Project Learning in Online Just-In-Time Software Defect PredictionTechnical
Technical Papers
Sadia Tabassum University of Birmingham, UK, Leandro Minku University of Birmingham, UK, Danyi Feng XiLiu Tech, George Cabral Universidade Federal Rural de Pernambuco, Liyan Song University of Birmingham
15:48
8m
Talk
An Empirical Study of the Long Duration of Continuous Integration BuildsJ1
Journal First
Taher Ahmed Ghaleb Queen's University, Daniel Alencar Da Costa University of Otago, Ying Zou Queen's University, Kingston, Ontario
Link to publication DOI Pre-print