Model-based whitebox fuzzing for program binaries

@article{Pham2016ModelbasedWF,
  title={Model-based whitebox fuzzing for program binaries},
  author={Van-Thuan Pham and Marcel B{\"o}hme and Abhik Roychoudhury},
  journal={2016 31st IEEE/ACM International Conference on Automated Software Engineering (ASE)},
  year={2016},
  pages={543-553}
}
Many real-world programs take highly structured and complex files as inputs. The automated testing of such programs is non-trivial. If the test does not adhere to a specific file format, the program returns a parser error. For symbolic execution-based whitebox fuzzing the corresponding error handling code becomes a significant time sink. Too much time is spent in the parser exploring too many paths leading to trivial parser errors. Naturally, the time is better spent exploring the functional… Expand
View on ACM
comp.nus.edu.sg
62 Citations
Highly Influential Citations
4
Background Citations
29
Methods Citations
28
Results Citations
1

Supplemental Presentations

Presentation Slides
Model-based whitebox fuzzing for program binaries
Explore Further
Discover more papers related to the topics discussed in this paper

62 Citations

Citation Type

Citation Type

Steelix: program-state based binary fuzzing
  • 136
  • PDF
NAUTILUS: Fishing for Deep Bugs with Grammars
  • 42
  • PDF
InsFuzz: Fuzzing Binaries With Location Sensitivity
  • 3
  • PDF
Skyfire: Data-Driven Seed Generation for Fuzzing
  • 147
  • PDF
pbSE: Phase-Based Symbolic Execution
  • Qixue Xiao, Yu Chen, +4 authors Y. Shi
  • Computer Science
  • 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
  • 2017
  • 1
Improving function coverage with munch: a hybrid fuzzing and directed symbolic execution approach
  • 21
  • PDF
Smart Greybox Fuzzing
  • 42
  • PDF
Guide Me to Exploit: Assisted ROP Exploit Generation for ActionScript Virtual Machine
  • PDF
Target Program Select Test Input Trim Test Input Mutate Test Input Execute Program Update Queue Instrument Program Grammar
  • PDF
Perspectives on search strategies in automated test input generation
  • Highly Influenced
...
1
2
3
4
5
...

References

SHOWING 1-5 OF 5 REFERENCES
Automated Whitebox Fuzz Testing
  • 1,090
  • Highly Influential
  • PDF
Grammar-based whitebox fuzzing
  • 405
  • Highly Influential
  • PDF
Taint-based directed whitebox fuzzing
  • 280
  • Highly Influential
  • PDF
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection
  • 274
  • Highly Influential
  • PDF
An empirical study of the reliability of UNIX utilities
  • 938
  • Highly Influential
  • PDF