The enormous scale of modern software makes it difficult to conduct thorough testing within a limited time budget and limited computing resources. Furthermore, in many practical scenarios only some code areas need testing, such as patches, security-sensitive functions, or user-defined positions. At present, directed testing techniques are promising solutions for this requirement. The state-of-the-art directed testing techniques mainly fall into two groups: fuzzing-based and symbolic-execution-based. Directed fuzzing is a practical technique that concentrates its testing energy on the process of reaching the target code areas, while spending little on other, unconcerned components. It is a promising way to make better use of available resources, especially when testing large-scale programs. However, by observing the state-of-the-art directed fuzzing engine (AFLGo), we argue that there are two universal limitations: the balance problem between exploration and exploitation, and the blindness of mutation with respect to the target code areas. In this paper, we present a new prototype, RDFuzz, to address these two limitations. In RDFuzz, we first introduce a frequency-guided strategy in exploration and improve its accuracy by adopting branch-level rather than path-level frequency. Then, we introduce an input-distance-based evaluation strategy in the exploitation stage and present an optimized mutation that distinguishes and protects the distance-sensitive input content. Moreover, an intertwined testing schedule is leveraged to perform exploration and exploitation in turn. We test RDFuzz on 7 benchmarks, and the experimental results demonstrate that RDFuzz is skilled at driving the program toward the target code areas and is not easily stuck by the balance problem between exploration and exploitation.
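The following Python sketch is an added illustration of the four ideas the abstract names (branch-level rather than path-level frequency for exploration, distance-based seed selection for exploitation, an intertwined schedule that alternates the two, and protecting distance-sensitive input bytes during mutation). It is not RDFuzz's code and makes no claim about how RDFuzz or AFLGo implement these steps internally: the seed corpus, branch identifiers, distances and the `toy_distance` oracle are all constructed stand-ins for the coverage and target-distance instrumentation a real directed fuzzer would compile into the program.

```python
"""Toy model of directed-fuzzing seed scheduling and distance-aware mutation.

Added illustration, not RDFuzz's implementation. The corpus, branch ids,
distances and the distance oracle below are constructed.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Seed:
    name: str
    branches: frozenset  # branch ids covered by one execution of this seed
    distance: float      # distance of that execution to the target code (lower is closer)


def branch_frequency(seeds):
    """Branch-level frequency: how many seeds exercise each individual branch."""
    freq = Counter()
    for s in seeds:
        freq.update(s.branches)
    return freq


def path_frequency(seeds):
    """Path-level frequency: how many seeds exercise exactly the same branch set."""
    return Counter(s.branches for s in seeds)


def rarity_score(seed, freq):
    """Mean inverse branch frequency; high for seeds reaching rarely seen branches."""
    return sum(1.0 / freq[b] for b in seed.branches) / len(seed.branches)


def pick_for_exploration(seeds):
    """Exploration: favour the seed that exercises the rarest branches."""
    freq = branch_frequency(seeds)
    return max(seeds, key=lambda s: rarity_score(s, freq))


def pick_for_exploitation(seeds):
    """Exploitation: favour the seed whose execution is closest to the target."""
    return min(seeds, key=lambda s: s.distance)


def intertwined_schedule(seeds, rounds):
    """Alternate exploration and exploitation instead of running either to exhaustion."""
    plan = []
    for r in range(rounds):
        if r % 2 == 0:
            plan.append(("explore", pick_for_exploration(seeds).name))
        else:
            plan.append(("exploit", pick_for_exploitation(seeds).name))
    return plan


def distance_sensitive_positions(data, distance_of):
    """Byte positions whose change moves the execution farther from the target.

    distance_of(bytes) -> float is the (constructed) distance oracle.
    """
    base = distance_of(data)
    sensitive = set()
    for i in range(len(data)):
        probe = bytearray(data)
        probe[i] ^= 0xFF
        if distance_of(bytes(probe)) > base:
            sensitive.add(i)
    return sensitive


def mutate_protecting(data, distance_of, rng):
    """Randomise up to two bytes, leaving distance-sensitive positions untouched."""
    protected = distance_sensitive_positions(data, distance_of)
    out = bytearray(data)
    candidates = [i for i in range(len(out)) if i not in protected]
    for i in rng.sample(candidates, k=min(2, len(candidates))):
        out[i] = rng.randrange(256)
    return bytes(out), protected


# Constructed distance oracle: the target is reached once the 4-byte magic
# matches; each mismatching magic byte adds one unit of distance.
MAGIC = b"RDFZ"


def toy_distance(data):
    return sum(1 for i, m in enumerate(MAGIC) if i >= len(data) or data[i] != m)


# Constructed corpus: s2, s4 and s5 each have a unique path, so path-level
# frequency cannot separate them; branch-level frequency ranks s4 highest
# because E is seen only once while A and B are seen by almost every seed.
CORPUS = [
    Seed("s1", frozenset({"A", "B", "C"}), 10.0),
    Seed("s2", frozenset({"A", "B", "D"}), 4.0),
    Seed("s3", frozenset({"A", "B", "C"}), 8.0),
    Seed("s4", frozenset({"A", "E"}), 12.0),
    Seed("s5", frozenset({"A", "B"}), 9.0),
]

if __name__ == "__main__":
    import random
    print(intertwined_schedule(CORPUS, 4))
    print(mutate_protecting(b"RDFZ\x00\x00\x00\x00", toy_distance, random.Random(1)))
```

The two selection functions deliberately disagree on this corpus: exploration picks s4 (rare branch E, but far from the target), exploitation picks s2 (closest to the target). Running either alone would starve the other, which is the balance problem the abstract describes; the alternating schedule gives each a turn. The mutation helper probes one byte at a time against the distance oracle, which is cheap here but would cost one execution per byte in a real fuzzer, so a production implementation would need to amortise or cache that probing.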