Wed 6 Dec 2023 16:00 - 16:15 at Golden Gate C1 - Fuzzing Chair(s): Shaukat Ali

For coverage-guided fuzzers, many of their adopted seeds are usually underused by exploring limited program states since essentially all their executions have to abide by rigorous program dependencies while only limited seeds are capable of accessing dependencies. Moreover, even when iteratively executing such limited seeds, the fuzzers have to repeatedly access the covered program states before uncovering new states. Such facts indicate that exploration power on program states of seeds has not been sufficiently leveraged by the existing coverage-guided fuzzing strategies. To tackle these issues, we propose a coverage-guided fuzzer, namely MirageFuzz, to mitigate the program dependencies when executing seeds for enhancing their exploration power on program states. Specifically, MirageFuzz first creates a “phantom” program of the target program by reducing its program dependencies corresponding to conditional statements while retaining their original semantics. Accordingly, MirageFuzz performs dual fuzzing, i.e., the source fuzzing to fuzz the original program and the phantom fuzzing to fuzz the phantom program simultaneously. Then, MirageFuzz applies the taint-based mutation mechanism to generate a new seed by updating the target conditional statement of a given seed from the source fuzzing with the corresponding condition value derived by the phantom fuzzing. To evaluate the effectiveness of MirageFuzz, we build a benchmark suite with 18 projects commonly adopted by recent fuzzing papers, and select seven open-source fuzzers as baselines for performance comparison with MirageFuzz. The experiment results suggest that MirageFuzz outperforms our baseline fuzzers from 13.42% to 77.96% averagely. Furthermore, MirageFuzz exposes 29 previously unknown bugs where 4 of them have been confirmed and 3 have been fixed by the corresponding developers.

Wed 6 Dec

Displayed time zone: Pacific Time (US & Canada) change

16:00 - 18:00
FuzzingResearch Papers at Golden Gate C1
Chair(s): Shaukat Ali Simula Research Laboratory and Oslo Metropolitan University
16:00
15m
Talk
Enhancing Coverage-guided Fuzzing via Phantom Program
Research Papers
Mingyuan Wu Southern University of Science and Technology and the University of Hong Kong, Kunqiu Chen Southern University of Science and Technology, Qi Luo Southern University of Science and Technology, Jiahong Xiang Southern University of Science and Technology, Ji Qi The University of Hong Kong, Junjie Chen Tianjin University, Heming Cui University of Hong Kong, Yuqun Zhang Southern University of Science and Technology
Media Attached
16:15
15m
Talk
Co-Dependence Aware Fuzzing for Dataflow-based Big Data Analytics
Research Papers
Ahmad Humayun Virginia Tech, Miryung Kim University of California at Los Angeles, USA, Muhammad Ali Gulzar Virginia Tech
Pre-print Media Attached
16:30
15m
Talk
SJFuzz: Seed & Mutator Scheduling for JVM Fuzzing
Research Papers
Mingyuan Wu Southern University of Science and Technology and the University of Hong Kong, Yicheng Ouyang University of Illinois at Urbana-Champaign, Minghai Lu Southern University of Science and Technology, Junjie Chen Tianjin University, Yingquan Zhao College of Intelligence and Computing, Tianjin University, Heming Cui University of Hong Kong, Guowei Yang University of Queensland, Yuqun Zhang Southern University of Science and Technology
Media Attached
16:45
15m
Talk
Metamong: Detecting Render-update Bugs in Web Browsers through Fuzzing
Research Papers
Suhwan Song Seoul National University, South Korea, Byoungyoung Lee Seoul National University, South Korea
Media Attached
17:00
15m
Talk
Property-based Fuzzing for Finding Data Manipulation Errors in Android Apps
Research Papers
Jingling Sun East China Normal University, Ting Su East China Normal University, Jiayi Jiang East China Normal University, Jue Wang Nanjing University, Geguang Pu East China Normal University, Zhendong Su ETH Zurich
Media Attached
17:15
15m
Talk
Leveraging Hardware Probes and Optimizations for Accelerating Fuzz Testing of Heterogeneous Applications
Research Papers
Jiyuan Wang University of California at Los Angeles, Qian Zhang University of California, Riverside, Hongbo Rong Intel Labs, Guoqing Harry Xu University of California at Los Angeles, Miryung Kim University of California at Los Angeles, USA
Pre-print Media Attached
17:30
15m
Talk
NaNofuzz: A Usable Tool for Automatic Test Generation
Research Papers
Matthew C. Davis Carnegie Mellon University, Sangheon Choi Rose-Hulman Institute of Technology, Sam Estep Carnegie Mellon University, Brad A. Myers Carnegie Mellon University, Joshua Sunshine Carnegie Mellon University
Link to publication DOI Media Attached
17:45
15m
Talk
[Remote] A Generative and Mutational Approach for Synthesizing Bug-exposing Test Cases to Guide Compiler Fuzzing
Research Papers
Guixin Ye Northwest University, Tianmin Hu Northwest University, Zhanyong Tang Northwest University, Zhenye Fan Northwest University, Shin Hwei Tan Concordia University, Bo Zhang Tencent Security Platform Department, Wenxiang Qian Tencent Security Platform Department, Zheng Wang University of Leeds, UK
Media Attached