Fuzzing technology based on suspicious basic block orientation

Yifan Feng

doi:10.1117/12.3032100

6 June 2024 Fuzzing technology based on suspicious basic block orientation

Yifan Feng

Proceedings Volume 13175, International Conference on Computer Network Security and Software Engineering (CNSSE 2024); 1317510 (2024) https://doi.org/10.1117/12.3032100
Event: 4th International Conference on Computer Network Security and Software Engineering (CNSSE 2024), 2024, Sanya, China

Abstract

With the increasing complexity of software and the diversification of vulnerability forms, manual vulnerability mining can no longer meet the needs of software vulnerability mining, and automated vulnerability mining methods are becoming increasingly important. Fuzzing is one of the popular automated vulnerability mining techniques, which is widely used in software vulnerability mining due to its ease of deployment and efficiency. However, fuzzing has strong randomness, which leads to the generation of a large number of redundant and invalid inputs during the fuzzing process, wasting program execution time, resulting in low code coverage, and only a small number of inputs can truly trigger program exceptions. Therefore, the research on oriented fuzzing methods is becoming increasingly important. This article proposes a fuzzing method based on suspicious basic blocks, which uses LLVM in the static analysis stage to analyze the target program and identify the code that may have vulnerabilities. In fuzzing, tracking the execution of these codes, recording edge coverage information, prioritizing the selection of seeds that can trigger potential vulnerability areas for testing, and verifying the effectiveness of the proposed method through experiments.

(2024) Published by SPIE. Downloading of the abstract is permitted for personal use only.

Citation Download Citation

Yifan Feng "Fuzzing technology based on suspicious basic block orientation", Proc. SPIE 13175, International Conference on Computer Network Security and Software Engineering (CNSSE 2024), 1317510 (6 June 2024); https://doi.org/10.1117/12.3032100

ACCESS THE FULL ARTICLE

INSTITUTIONAL
Select your institution to access the SPIE Digital Library.

SELECT YOUR INSTITUTION

PERSONAL
Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.

PERSONAL SIGN IN

No SPIE Account? Create one

PURCHASE THIS CONTENT

SUBSCRIBE TO DIGITAL LIBRARY

50 downloads per 1-year subscription

Members: $195

Non-members: $335 ADD TO CART

25 downloads per 1 - year subscription

Members: $145

Non-members: $250 ADD TO CART

PURCHASE SINGLE ARTICLE

Includes PDF, HTML & Video, when available

Members: $17.00

Non-members: $21.00 ADD TO CART

PROCEEDINGS
5 PAGES

DOWNLOAD PAPER SAVE TO MY LIBRARY

GET CITATION

RIGHTS & PERMISSIONS

Get copyright permission Get copyright permission on Copyright Marketplace

KEYWORDS

Fuzzy logic

RELATED CONTENT

Analysis and research on electricity consumption characteristics of massive users...
Proceedings of SPIE (October 19 2022)

Medical expert system for assessment of coronary heart disease destabilization...
Proceedings of SPIE (August 07 2017)

Optimizing curvilinear ILT recipe development with machine learning based pattern...
Proceedings of SPIE (November 08 2021)

Multi domain evaluation method for RF stealth performance based on...
Proceedings of SPIE (December 18 2019)

Classification techniques based on AI application to defect classification in...
Proceedings of SPIE (November 23 1994)

Fuzzy control iterative algorithm for the design of diffractive optical...
Proceedings of SPIE (January 04 2008)

Subscribe to Digital Library

Receive Erratum Email Alert

Keywords/Phrases

Search In:

Publication Years