Targeted Greybox Fuzzing with Static Lookahead Analysis
Automatic test generation typically aims to generate inputs that explore new paths in the program under test in order to find bugs. Existing work has, therefore, focused on guiding the exploration toward program parts that are more likely to contain bugs by using an offline static analysis.
In this paper, we introduce a novel technique for targeted greybox fuzzing using an online static analysis that guides the fuzzer toward a set of target locations, for instance, located in recently modified parts of the program. This is achieved by first semantically analyzing each program path that is explored by an input in the fuzzer’s test suite. The results of this analysis are then used to control the fuzzer’s specialized power schedule, which determines how often to fuzz inputs from the test suite. We implemented our technique by extending a state-of-the-art, industrial fuzzer for Ethereum smart contracts and evaluate its effectiveness on 27 real-world benchmarks. Using an online analysis is particularly suitable for the domain of smart contracts since it does not require any code instrumentation—adding instrumentation to contracts changes their semantics. Our experiments show that targeted fuzzing significantly outperforms standard greybox fuzzing for reaching 83% of the challenging target locations (up to 14x of median speed-up).
Tue 7 Jul Times are displayed in time zone: (UTC) Coordinated Universal Time change
|07:00 - 07:12|
|07:12 - 07:24|
Yannic NollerHumboldt-Universität zu Berlin, Corina S. PasareanuCarnegie Mellon University Silicon Valley, NASA Ames Research Center, Marcel BöhmeMonash University, Youcheng SunQueen's University Belfast, Hoang Lam NguyenHumboldt-Universität zu Berlin, Lars GrunskeHumboldt-Universität zu BerlinPre-print
|07:24 - 07:36|
Towards Characterizing Adversarial Defects of Deep Learning Software from the Lens of UncertaintyTechnical
Xiyue ZhangPeking University, Xiaofei XieNanyang Technological University, Lei MaKyushu University, Xiaoning DuNanyang Technological University, Qiang HuKyushu University, Japan, Yang LiuNanyang Technological University, Singapore, Jianjun ZhaoKyushu University, Meng SunPeking UniversityPre-print
|07:36 - 07:48|
One Size Does Not Fit All: A Grounded Theory and Online Survey Study of Developer Preferences for Security Warning TypesTechnical
|07:48 - 07:54|
Gian Luca ScocciaUniversity of L'Aquila, Matteo Maria FioreUniversity of L'Aquila, Patrizio PelliccioneUniversity of L'Aquila and Chalmers | University of Gothenburg, Marco AutiliUniversity of L'Aquila, Italy, Paola InverardiUniversity of L'Aquila, Alejandro RussoChalmers University of Technology, Sweden
|07:54 - 08:00|
Koen Yskoutimec - DistriNet, KU Leuven, Thomas HeymanToreon, Dimitri Van LanduytKatholieke Universiteit Leuven, Laurens Sionimec-DistriNet, KU Leuven, Kim Wuytsimec-DistriNet, KU Leuven, Wouter JoosenKatholieke Universiteit LeuvenPre-print