| JONÁŠ, Martin, Jan STREJČEK, Marek TRTÍK and Lukáš URBAN. Gray-Box Fuzzing via Gradient Descent and Boolean Expression Coverage. Online. In Bernd Finkbeiner and Laura Kovács. Tools and Algorithms for the Construction and Analysis of Systems - 30th International Conference, TACAS 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings, Part III. Cham (Švýcarsko): Springer, 2024, p. 90-109. ISBN 978-3-031-57255-5. Available from: https://dx.doi.org/10.1007/978-3-031-57256-2_5. |
Other formats:
BibTeX
LaTeX
RIS
@inproceedings{2396438,
author = {Jonáš, Martin and Strejček, Jan and Trtík, Marek and Urban, Lukáš},
address = {Cham (Švýcarsko)},
booktitle = {Tools and Algorithms for the Construction and Analysis of Systems - 30th International Conference, TACAS 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings, Part III},
doi = {http://dx.doi.org/10.1007/978-3-031-57256-2_5},
editor = {Bernd Finkbeiner and Laura Kovács},
keywords = {fuzzing; test generation; atomic Boolean expression; Fizzer},
howpublished = {elektronická verze "online"},
language = {eng},
location = {Cham (Švýcarsko)},
isbn = {978-3-031-57255-5},
pages = {90-109},
publisher = {Springer},
title = {Gray-Box Fuzzing via Gradient Descent and Boolean Expression Coverage},
url = {https://link.springer.com/book/10.1007/978-3-031-57256-2_5},
year = {2024}
}
TY - JOUR
ID - 2396438
AU - Jonáš, Martin - Strejček, Jan - Trtík, Marek - Urban, Lukáš
PY - 2024
TI - Gray-Box Fuzzing via Gradient Descent and Boolean Expression Coverage
PB - Springer
CY - Cham (Švýcarsko)
SN - 9783031572555
KW - fuzzing
KW - test generation
KW - atomic Boolean expression
KW - Fizzer
UR - https://link.springer.com/book/10.1007/978-3-031-57256-2_5
N2 - We present a gray-box fuzzing approach based on several new ideas. While standard gray-box fuzzing aims to cover all branches of the input program, our approach primarily aims to cover both results of each Boolean expression. To achieve this goal, we track the distances to flipping these results and we dynamically detect the input bytes that influence the distance. Then we use this information to efficiently flip the results. More precisely, we apply gradient descent on the detected bytes or we create new inputs by using detected bytes from different inputs. We implemented our approach in a tool called Fizzer. An evaluation on the benchmarks of Test-Comp 2023 shows that Fizzer is fully competitive with the winning tools of the competition, which use advanced formal methods like symbolic execution or bounded model checking, usually in combination with fuzzing.
ER -
JONÁŠ, Martin, Jan STREJČEK, Marek TRTÍK and Lukáš URBAN. Gray-Box Fuzzing via Gradient Descent and Boolean Expression Coverage. Online. In Bernd Finkbeiner and Laura Kovács. \textit{Tools and Algorithms for the Construction and Analysis of Systems - 30th International Conference, TACAS 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings, Part III}. Cham (Švýcarsko): Springer, 2024, p.~90-109. ISBN~978-3-031-57255-5. Available from: https://dx.doi.org/10.1007/978-3-031-57256-2\_{}5.
|
