V-Fuzz: Vulnerability-Oriented Evolutionary Fuzzing
Format | Journal Article |
---|---|
Language | English |
Published | 04.01.2019 |
Summary: | Fuzzing is a technique for finding bugs by repeatedly executing a program with a large number of abnormal inputs. Most existing fuzzers treat all parts of a program equally and focus too heavily on improving code coverage. This is inefficient, because vulnerable code makes up only a tiny fraction of the whole program. In this paper, we design and implement a vulnerability-oriented evolutionary fuzzing prototype named V-Fuzz, which aims to find bugs efficiently and quickly within a limited time budget. V-Fuzz consists of two main components: a neural network-based vulnerability prediction model and a vulnerability-oriented evolutionary fuzzer. Given a binary program, the vulnerability prediction model provides a prior estimate of which parts of the program are more likely to be vulnerable. The fuzzer then uses an evolutionary algorithm, guided by this prediction, to generate inputs that tend to reach the predicted vulnerable locations. Experimental results demonstrate that V-Fuzz finds bugs more efficiently than state-of-the-art fuzzers. Moreover, V-Fuzz has discovered 10 CVEs, 3 of which were newly discovered. We reported the new CVEs, and they have been confirmed and fixed. |
---|---|
DOI: | 10.48550/arxiv.1901.01142 |