Sciweavers

ICSE
2009
IEEE-ACM

Taint-based directed whitebox fuzzing

15 years 10 days ago
Taint-based directed whitebox fuzzing
We present a new automated white box fuzzing technique and a tool, BuzzFuzz, that implements this technique. Unlike standard fuzzing techniques, which randomly change parts of the input file with little or no information about the underlying syntactic structure of the file, BuzzFuzz uses dynamic taint tracing to automatically locate regions of original seed input files that influence values used at key program attack points (points where the program may contain an error). BuzzFuzz then automatically generates new fuzzed test input files by fuzzing these identified regions of the original seed input files. Because these new test files typically preserve the underlying syntactic structure of the original seed input files, they make it past the initial input parsing components to exercise code deep within the semantic core of the computation. We have used BuzzFuzz to automatically find errors in two open-source applications: Swfdec (an Adobe Flash player) and MuPDF (a PDF viewer). Our re...
Vijay Ganesh, Tim Leek, Martin C. Rinard
Added 17 Nov 2009
Updated 17 Nov 2009
Type Conference
Year 2009
Where ICSE
Authors Vijay Ganesh, Tim Leek, Martin C. Rinard
Comments (0)