摘要
Grey-box fuzzing is an effective technology to detect software vulnerabilities,such as memory corruption.Previous fuzzers in detecting memory corruption bugs either use heavy-weight analysis,or use techniques which are not customized for memory corruption detection.In this paper,we propose a novel memory bug guided fuzzer,ovAFLow.To begin with,we broaden the memory corruption targets where we frequently identify bugs.Next,ovAFLow utilizes light-weight and effective methods to build connections between the fuzzing inputs and these corruption targets.Based on the connection results,ovAFLow uses customized techniques to direct the fuzzing process closer to memory corruption.We evaluate ovAFLow against state-of-the-art fuzzers,including AFL(american fuzzy lop),AFLFast,FairPuzz,QSYM,Angora,TIFF,and TortoiseFuzz.The evaluation results show better vulnerability detection ability of ovAFLow,and the performance overhead is acceptable.Moreover,we identify 12 new memory corruption bugs and two CVEs(common vulnerability exposures)with the help of ovAFLow.
作者
张根
王鹏飞
乐泰
孔祥东
周旭
卢凯
Gen Zhang;Peng-Fei Wang;Tai Yue;Xiang-Dong Kong;Xu Zhou;Kai Lu(College of Computer Science and Technology,National University of Defense Technology,Changsha^10073,China)
基金
supported by the National High-Level Personnel for Defense Technology Program of China under Grant No.2017-JCJQ-ZQ-013
the National Natural Science Foundation of China under Grant Nos.61902405 and 61902412
the Natural Science Foundation of Hunan Province of China under Grant No.2021JJ40692
the Parallel and Distributed Processing Research Foundation under Grant No.6142110190404
and the Research Project of National University of Defense Technology under Grant Nos.ZK20-09 and ZK20-17.
