Model-based whitebox fuzzing for program binaries

@article{Pham2016ModelbasedWF,
  title={Model-based whitebox fuzzing for program binaries},
  author={Van-Thuan Pham and Marcel B{\"o}hme and Abhik Roychoudhury},
  journal={2016 31st IEEE/ACM International Conference on Automated Software Engineering (ASE)},
  year={2016},
  pages={543-553}
}
  • Van-Thuan Pham, Marcel Böhme, Abhik Roychoudhury
  • Published 2016
  • Computer Science
  • 2016 31st IEEE/ACM International Conference on Automated Software Engineering (ASE)
    • Many real-world programs take highly structured and complex files as inputs. The automated testing of such programs is non-trivial. If the test does not adhere to a specific file format, the program returns a parser error. For symbolic execution-based whitebox fuzzing the corresponding error handling code becomes a significant time sink. Too much time is spent in the parser exploring too many paths leading to trivial parser errors. Naturally, the time is better spent exploring the functional… CONTINUE READING
    View on ACM
    comp.nus.edu.sg
    62 Citations
    Highly Influential Citations
    4
    Background Citations
    28
    Methods Citations
    28
    Results Citations
    1

    Supplemental Presentations

    Presentation Slides
    Model-based whitebox fuzzing for program binaries
    Explore Further
    Discover more papers related to the topics discussed in this paper

    Figures, Tables, and Topics from this paper

    Figures and Tables

    Explore Further: Topics Discussed in This Paper

    62 Citations
    Citation Type

    Citation Type

    Steelix: program-state based binary fuzzing
    • 134
    • PDF
    NAUTILUS: Fishing for Deep Bugs with Grammars
    • 40
    • PDF
    InsFuzz: Fuzzing Binaries With Location Sensitivity
    • 3
    • PDF
    Skyfire: Data-Driven Seed Generation for Fuzzing
    • 145
    • PDF
    pbSE: Phase-Based Symbolic Execution
    • Qixue Xiao, Yu Chen, +4 authors Y. Shi
    • Computer Science
    • 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
    • 2017
    • 1
    Improving function coverage with munch: a hybrid fuzzing and directed symbolic execution approach
    • 20
    • PDF
    Smart Greybox Fuzzing
    • 41
    • PDF
    Guide Me to Exploit: Assisted ROP Exploit Generation for ActionScript Virtual Machine
    • PDF
    Target Program Select Test Input Trim Test Input Mutate Test Input Execute Program Update Queue Instrument Program Grammar
    • PDF
    Perspectives on search strategies in automated test input generation
    • Highly Influenced

    References

    SHOWING 1-5 OF 5 REFERENCES
    Automated Whitebox Fuzz Testing
    • 1,083
    • Highly Influential
    • PDF
    Grammar-based whitebox fuzzing
    • 401
    • Highly Influential
    • PDF
    Taint-based directed whitebox fuzzing
    • 279
    • Highly Influential
    • PDF
    TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection
    • 273
    • Highly Influential
    • PDF
    An empirical study of the reliability of UNIX utilities
    • 931
    • Highly Influential
    • PDF