KSII Transactions on Internet and Information Systems
Monthly Online Journal (eISSN: 1976-7277)

ER-Fuzz: Conditional Code Removed Fuzzing

Vol. 13, No. 7, July 30, 2019
DOI: 10.3837/tiis.2019.07.010

Abstract

Coverage-guided fuzzing is an efficient solution that has been widely used in software testing. By guiding the fuzzer with coverage information, seeds that generate new paths are retained so that coverage keeps increasing. However, we observed that most samples follow the same few high-frequency paths. A seed that exercises a high-frequency path is kept for the subsequent mutation process until the user terminates the test, which directly reduces the efficiency with which the low-frequency paths are tested. In this paper, we propose a fuzzing solution, ER-Fuzz, that truncates the recording of a high-frequency path in order to influence coverage. It uses a deep learning-based classifier to locate the transfer points between high- and low-frequency paths; it then instruments the transfer position to raise the probability of taking the low-frequency transfer paths while eliminating further mutation of the high-frequency path seeds. We implemented a prototype of ER-Fuzz on top of the popular fuzzer AFL and evaluated it on several applications. The experimental results show that ER-Fuzz improves the coverage of the original AFL method to varying degrees. In terms of crash discovery, in the best case ER-Fuzz found 115% more unique crashes than AFL did. In total, seven new bugs were found and new CVEs were assigned.
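The following added example (not code from the paper or from ER-Fuzz) models the observation behind the abstract on a constructed toy target: AFL-style edge coverage is collected over a seed corpus, a simple frequency threshold (standing in for the paper's learned classifier) flags branch blocks that have both a hot and a cold successor as high/low-frequency transfer points, and seeds that only walk hot edges are dropped from the mutation queue. The target, its block names and the 10% threshold are assumptions chosen for illustration.

```python
import random
from collections import Counter

def toy_target(data):
    """Constructed toy target. Records (prev_block, cur_block) edges the way
    AFL's edge-coverage instrumentation does; it is not a real parser."""
    edges, block = [], "entry"
    def goto(nxt):
        nonlocal block
        edges.append((block, nxt)); block = nxt
    if len(data) < 4:
        goto("short"); return edges
    goto("check_magic")
    if data[:2] != b"ER":          # the branch random inputs almost always take
        goto("reject"); return edges
    goto("parse_header")           # the low-frequency transfer
    goto("big_len" if data[2] > 200 else "small_len")
    return edges

def edge_frequencies(seeds):
    """Number of seeds that exercise each edge at least once."""
    freq = Counter()
    for s in seeds:
        freq.update(set(toy_target(s)))
    return freq

def transfer_points(freq, threshold):
    """Branch blocks with both a hot (>= threshold) and a cold (< threshold)
    outgoing edge: the high/low-frequency transfer positions. A frequency
    threshold stands in here for the paper's learned classifier (assumption)."""
    out = {}
    for (src, dst), n in freq.items():
        out.setdefault(src, []).append(n)
    return {src for src, ns in out.items() if max(ns) >= threshold > min(ns)}

def prune_queue(seeds, freq, threshold):
    """Keep only seeds that exercise at least one cold edge; seeds that only
    walk high-frequency edges are dropped from further mutation."""
    return [s for s in seeds
            if any(freq[e] < threshold for e in set(toy_target(s)))]

def demo(n_random=200, seed=1):
    rng = random.Random(seed)            # constructed, deterministic corpus
    seeds = [bytes(rng.randrange(256) for _ in range(rng.randrange(4, 9)))
             for _ in range(n_random)]
    seeds += [b"ER\xfa\x00", b"ER\x0a\x00"]   # two seeds that reach parse_header
    freq = edge_frequencies(seeds)
    threshold = 0.1 * len(seeds)
    return {"transfer_points": transfer_points(freq, threshold),
            "queue_before": len(seeds),
            "queue_after": prune_queue(seeds, freq, threshold)}
```

Running `demo()` shows that the check_magic block is the only transfer point and that the pruned queue retains just the seeds reaching the cold parse_header edge, which is the queue the fuzzer would keep mutating.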

Cite this article

[IEEE Style]
X. Song, Z. Wu, Y. Cao and Q. Wei, "ER-Fuzz: Conditional Code Removed Fuzzing," KSII Transactions on Internet and Information Systems, vol. 13, no. 7, pp. 3511-3532, 2019. DOI: 10.3837/tiis.2019.07.010.

[ACM Style]
Xiaobin Song, Zehui Wu, Yan Cao, and Qiang Wei. 2019. ER-Fuzz: Conditional Code Removed Fuzzing. KSII Transactions on Internet and Information Systems, 13, 7, (2019), 3511-3532. DOI: 10.3837/tiis.2019.07.010.