FuzzInMem: Fuzzing Programs via In-memory Structures.

Saved in:
Bibliographic Details
Title: FuzzInMem: Fuzzing Programs via In-memory Structures.
Authors: Liu, Xuwei1 liu2598@purdue.edu, You, Wei2 youwei@ruc.edu.cn, Ye, Yapeng1 ye203@purdue.edu, Zhang, Zhuo1 zhan3299@purdue.edu, Huang, Jianjun2 hjj@ruc.edu.cn, Zhang, Xiangyu1 xyzhang@purdue.edu
Source: ICSE: International Conference on Software Engineering. 2024, p1-13. 13p.
Subjects: Fuzzy sets, PDF (Computer file format), Computer software, Computer software testing, Information theory
Abstract: In recent years, coverage-based greybox fuzzing has proven to be an effective and practical technique for discovering software vulnerabilities. The availability of American Fuzzy Loop (AFL) has facilitated numerous advances in overcoming challenges in fuzzing. However, the issue of mutating complex file formats, such as PDF, remains unresolved due to strict constraints. Existing fuzzers often produce mutants that fail to parse by applications, limited by bit/byte mutations performed on input files. Our observation is that most in-memory representations of file formats are simple, and well-designed applications have built-in printer functions to emit these structures as files. Thus, we propose a new technique that mutates the in-memory structures of inputs and utilizes printer functions to regenerate mutated files. Unlike prior approaches that require complex analysis to learn file format constraints, our technique leverages the printer function to preserve format constraints. We implement a prototype called FuzzInMem and compare it with AFL as well as other state-of-the-art fuzzers, including AFL++, Mopt, Weizz, and FormatFuzzer. The results show that FuzzInMem is scalable and substantially outperforms general-purpose fuzzers in terms of valid seed generation and path coverage. By applying FuzzInMem to real-world applications, we found 29 unique vulnerabilities and were awarded 5 CVEs. [ABSTRACT FROM AUTHOR]
Copyright of ICSE: International Conference on Software Engineering is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Full text is not displayed to guests.
FullText Links:
  – Type: pdflink
Text:
  Availability: 1
Header DbId: egs
DbLabel: Engineering Source
An: 185196452
AccessLevel: 6
PubType: Conference
PubTypeId: conference
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: FuzzInMem: Fuzzing Programs via In-memory Structures.
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Liu%2C+Xuwei%22">Liu, Xuwei</searchLink><relatesTo>1</relatesTo><i> liu2598@purdue.edu</i><br /><searchLink fieldCode="AR" term="%22You%2C+Wei%22">You, Wei</searchLink><relatesTo>2</relatesTo><i> youwei@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Ye%2C+Yapeng%22">Ye, Yapeng</searchLink><relatesTo>1</relatesTo><i> ye203@purdue.edu</i><br /><searchLink fieldCode="AR" term="%22Zhang%2C+Zhuo%22">Zhang, Zhuo</searchLink><relatesTo>1</relatesTo><i> zhan3299@purdue.edu</i><br /><searchLink fieldCode="AR" term="%22Huang%2C+Jianjun%22">Huang, Jianjun</searchLink><relatesTo>2</relatesTo><i> hjj@ruc.edu.cn</i><br /><searchLink fieldCode="AR" term="%22Zhang%2C+Xiangyu%22">Zhang, Xiangyu</searchLink><relatesTo>1</relatesTo><i> xyzhang@purdue.edu</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22ICSE%3A+International+Conference+on+Software+Engineering%22">ICSE: International Conference on Software Engineering</searchLink>. 2024, p1-13. 13p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Fuzzy+sets%22">Fuzzy sets</searchLink><br /><searchLink fieldCode="DE" term="%22PDF+%28Computer+file+format%29%22">PDF (Computer file format)</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+software%22">Computer software</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+software+testing%22">Computer software testing</searchLink><br /><searchLink fieldCode="DE" term="%22Information+theory%22">Information theory</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: In recent years, coverage-based greybox fuzzing has proven to be an effective and practical technique for discovering software vulnerabilities. The availability of American Fuzzy Loop (AFL) has facilitated numerous advances in overcoming challenges in fuzzing. However, the issue of mutating complex file formats, such as PDF, remains unresolved due to strict constraints. Existing fuzzers often produce mutants that fail to parse by applications, limited by bit/byte mutations performed on input files. Our observation is that most in-memory representations of file formats are simple, and well-designed applications have built-in printer functions to emit these structures as files. Thus, we propose a new technique that mutates the in-memory structures of inputs and utilizes printer functions to regenerate mutated files. Unlike prior approaches that require complex analysis to learn file format constraints, our technique leverages the printer function to preserve format constraints. We implement a prototype called FuzzInMem and compare it with AFL as well as other state-of-the-art fuzzers, including AFL++, Mopt, Weizz, and FormatFuzzer. The results show that FuzzInMem is scalable and substantially outperforms general-purpose fuzzers in terms of valid seed generation and path coverage. By applying FuzzInMem to real-world applications, we found 29 unique vulnerabilities and were awarded 5 CVEs. [ABSTRACT FROM AUTHOR]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of ICSE: International Conference on Software Engineering is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=185196452
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1145/3597503.3639172
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 13
        StartPage: 1
    Subjects:
      – SubjectFull: Fuzzy sets
        Type: general
      – SubjectFull: PDF (Computer file format)
        Type: general
      – SubjectFull: Computer software
        Type: general
      – SubjectFull: Computer software testing
        Type: general
      – SubjectFull: Information theory
        Type: general
    Titles:
      – TitleFull: FuzzInMem: Fuzzing Programs via In-memory Structures.
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Liu, Xuwei
      – PersonEntity:
          Name:
            NameFull: You, Wei
      – PersonEntity:
          Name:
            NameFull: Ye, Yapeng
      – PersonEntity:
          Name:
            NameFull: Zhang, Zhuo
      – PersonEntity:
          Name:
            NameFull: Huang, Jianjun
      – PersonEntity:
          Name:
            NameFull: Zhang, Xiangyu
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 05
              Text: 2024
              Type: published
              Y: 2024
          Titles:
            – TitleFull: ICSE: International Conference on Software Engineering
              Type: main
ResultId 1