Vulnerability-focused directed fuzzing for binaries

  • Oehlert, P. Violation of assumptions by fuzzing. IEEE Secur. Priv. 3, 58-62 (2005).

  • Howard, M. & Lipner, S. The security development lifecycle Vol. 8 (Microsoft Press Redmond, 2006).

  • AFL. American fuzzy lop. https://lcamtuf.coredump.cx/afl/. Accessed September 23, 2021.

  • Blair, W. et al. HotFuzz: Discovery of algorithmic denial-of-service vulnerabilities through guided micro-fuzzing. arXiv preprint arXiv:2002.03416 (2020).

  • Schumilo, S., Aschermann, C., Gawlik, R., Schinzel, S. & Holz, T. kAFL: Hardware-assisted feedback fuzzing for OS kernels. in 26th USENIX Security Symposium (USENIX Security 17), 167-182 (2017).

  • Wang, M. et al. RIFF: Reduced instruction footprint for coverage-guided fuzzing. in 2021 USENIX Annual Technical Conference (USENIX ATC 21), 147-159 (2021).

  • Zhou, C., Wang, M., Liang, J., Liu, Z. & Jiang, Y. Zeror: Speed up fuzzing with coverage-sensitive tracing and scheduling. in Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering, 858-870 (2020).

  • Shin, Y. & Williams, L. Can traditional fault prediction models be used for vulnerability prediction? Empir. Softw. Eng. 18, 25-59 (2013).

  • Ganesh, V., Leek, T. & Rinard, M. Taint-based directed whitebox fuzzing. in 2009 IEEE 31st International Conference on Software Engineering, 474-484 (IEEE, 2009).

  • Ma, K.-K., Phang, K. Y., Foster, J. S. & Hicks, M. Directed symbolic execution. in International Static Analysis Symposium, 95-111 (Springer, 2011).

  • Marinescu, P. D. & Cadar, C. KATCH: High-coverage testing of software patches. in Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, 235-245 (2013).

  • Böhme, M., Pham, V.-T., Nguyen, M.-D. & Roychoudhury, A. Directed greybox fuzzing. in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2329-2344 (2017).

  • Chen, H. et al. Hawkeye: Towards a desired directed grey-box fuzzer. in Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, 2095-2108 (2018).

  • Nguyen, M.-D., Bardin, S., Bonichon, R., Groz, R. & Lemerre, M. Binary-level directed fuzzing for use-after-free vulnerabilities. in 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020), 47-62 (2020).

  • Wang, H. et al. Typestate-guided fuzzer for discovering use-after-free vulnerabilities. in 2020 IEEE/ACM 42nd International Conference on Software Engineering (ICSE), 999-1010 (IEEE, 2020).

  • Wen, C. et al. MemLock: Memory usage guided fuzzing. in Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering, 765-777 (2020).

  • Coppik, N., Schwahn, O. & Suri, N. MemFuzz: Using memory accesses to guide fuzzing. in 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST), 48-58 (IEEE, 2019).

  • Kim, J. & Yun, J. Poster: Directed hybrid fuzzing on binary code. in Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 2637-2639 (2019).

  • Rawat, S. et al. VUzzer: Application-aware evolutionary fuzzing. in NDSS 17, 1-14 (2017).

  • You, W. et al. SemFuzz: Semantics-based automatic generation of proof-of-concept exploits. in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2139-2154 (2017).

  • Mathis, B. et al. Parser-directed fuzzing. in Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, 548-560 (2019).

  • Zong, P. et al. FuzzGuard: Filtering out unreachable inputs in directed grey-box fuzzing through deep learning. in 29th USENIX Security Symposium (USENIX Security 20), 2255-2269 (2020).

  • Yu, X. et al. AdaGUM: An adaptive graph updating model-based anomaly detection method for edge computing environment. Secur. Commun. Netw. 2021 (2021).

  • Xu, X. et al. Neural network-based graph embedding for cross-platform binary code similarity detection. in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 363-376 (2017).

  • Dolan-Gavitt, B. et al. LAVA: Large-scale automated vulnerability addition. in 2016 IEEE Symposium on Security and Privacy (SP), 110-121 (IEEE, 2016).

  • Yamaguchi, F. Pattern-based vulnerability discovery. PhD thesis, Niedersächsische Staats- und Universitätsbibliothek Göttingen (2015).

  • Kipf, T. N. & Welling, M. Variational graph auto-encoders. arXiv preprint arXiv:1611.07308 (2016).

  • Grieco, G. et al. Toward large-scale vulnerability discovery using machine learning. in Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy, 85-96 (2016).

  • Lee, Y. J., Choi, S. H., Kim, C., Lim, S. H. & Park, K.-W. Learning binary code with deep learning to detect software weakness. in KSII The 9th International Conference on Internet (ICONI) 2017 Symposium (2017).

  • Feng, Q. et al. Scalable graph-based bug search for firmware images. in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 480-491 (ACM, 2016).

  • Gao, J., Yang, X., Fu, Y., Jiang, Y. & Sun, J. VulSeeker: A semantic learning based vulnerability seeker for cross-platform binary. in Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 896-899 (ACM, 2018).

  • Zuo, F. et al. Neural machine translation inspired binary code similarity comparison beyond function pairs. arXiv preprint arXiv:1808.04706 (2018).

  • Kiros, R. et al. Skip-thought vectors. Adv. Neural Inf. Process. Syst. 28, 3294-3302 (2015).

  • Chopra, S., Hadsell, R. & LeCun, Y. Learning a similarity metric discriminatively, with application to face verification. in 2005 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR'05), Vol. 1, 539-546 (IEEE, 2005).

  • Norouzi, M., Fleet, D. J. & Salakhutdinov, R. R. Hamming distance metric learning. Adv. Neural Inf. Process. Syst. 25, 1061-1069 (2012).

  • Yu, L., Lu, Y., Shen, Y., Huang, H. & Zhu, K. BEDetector: A two-channel encoding method to detect vulnerabilities based on binary similarity. IEEE Access 9, 51631-51645 (2021).

  • Böhme, M., Pham, V.-T. & Roychoudhury, A. Coverage-based greybox fuzzing as Markov chain. IEEE Trans. Softw. Eng. 45, 489-506 (2017).

  • Serebryany, K., Bruening, D., Potapenko, A. & Vyukov, D. AddressSanitizer: A fast address sanity checker. in 2012 USENIX Annual Technical Conference (USENIX ATC 12), 309-318 (2012).

  • Li, Y. et al. Steelix: Program-state based binary fuzzing. in Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, 627-637 (2017).

  • Peng, H., Shoshitaishvili, Y. & Payer, M. T-Fuzz: Fuzzing by program transformation. in 2018 IEEE Symposium on Security and Privacy (SP), 697-710 (IEEE, 2018).

  • Li, Y. et al. V-Fuzz: Vulnerability-oriented evolutionary fuzzing. arXiv preprint arXiv:1901.01142 (2019).

  • Li, Y. et al. UniFuzz: A holistic and pragmatic metrics-driven platform for evaluating fuzzers. in 30th USENIX Security Symposium (USENIX Security 21) (2021).

  • Person, S., Yang, G., Rungta, N. & Khurshid, S. Directed incremental symbolic execution. ACM SIGPLAN Notices 46, 504-515 (2011).

  • Stephens, N. et al. Driller: Augmenting fuzzing through selective symbolic execution. in NDSS 16, 1-16 (2016).

  • Liang, J. et al. DeepFuzzer: Accelerated deep greybox fuzzing. IEEE Trans. Dependable Secure Comput. 18(6), 2675-2688 (2019).

  • Chen, P. & Chen, H. Angora: Efficient fuzzing by principled search. in 2018 IEEE Symposium on Security and Privacy (SP), 711-725 (IEEE, 2018).

  • Lemieux, C. & Sen, K. FairFuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage. in Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering, 475-485 (2018).

  • She, D. et al. NEUZZ: Efficient fuzzing with neural program smoothing. in 2019 IEEE Symposium on Security and Privacy (SP), 803-817 (IEEE, 2019).

  • Liang, H., Zhang, Y., Yu, Y., Xie, Z. & Jiang, L. Sequence coverage directed greybox fuzzing. in 2019 IEEE/ACM 27th International Conference on Program Comprehension (ICPC), 249-259 (IEEE Computer Society, 2019).

  • Liang, H., Jiang, L., Ai, L. & Wei, J. Sequence directed hybrid fuzzing. in 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER), 127-137 (IEEE, 2020).

  • Österlund, S., Razavi, K., Bos, H. & Giuffrida, C. ParmeSan: Sanitizer-guided greybox fuzzing. in 29th USENIX Security Symposium (USENIX Security 20), 2289-2306 (2020).

  • Gao, J. et al. EM-Fuzz: Augmented firmware fuzzing via memory checking. IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst. 39, 3420-3432 (2020).
