Grey-box fuzzing is an effective technology to detect software vulnerabilities,such as memory corruption.Previous fuzzers in detecting memory corruption bugs either use heavy-weight analysis,or use techniques which ar...Grey-box fuzzing is an effective technology to detect software vulnerabilities,such as memory corruption.Previous fuzzers in detecting memory corruption bugs either use heavy-weight analysis,or use techniques which are not customized for memory corruption detection.In this paper,we propose a novel memory bug guided fuzzer,ovAFLow.To begin with,we broaden the memory corruption targets where we frequently identify bugs.Next,ovAFLow utilizes light-weight and effective methods to build connections between the fuzzing inputs and these corruption targets.Based on the connection results,ovAFLow uses customized techniques to direct the fuzzing process closer to memory corruption.We evaluate ovAFLow against state-of-the-art fuzzers,including AFL(american fuzzy lop),AFLFast,FairPuzz,QSYM,Angora,TIFF,and TortoiseFuzz.The evaluation results show better vulnerability detection ability of ovAFLow,and the performance overhead is acceptable.Moreover,we identify 12 new memory corruption bugs and two CVEs(common vulnerability exposures)with the help of ovAFLow.展开更多
基金supported by the National High-Level Personnel for Defense Technology Program of China under Grant No.2017-JCJQ-ZQ-013the National Natural Science Foundation of China under Grant Nos.61902405 and 61902412+2 种基金the Natural Science Foundation of Hunan Province of China under Grant No.2021JJ40692the Parallel and Distributed Processing Research Foundation under Grant No.6142110190404and the Research Project of National University of Defense Technology under Grant Nos.ZK20-09 and ZK20-17.
文摘Grey-box fuzzing is an effective technology to detect software vulnerabilities,such as memory corruption.Previous fuzzers in detecting memory corruption bugs either use heavy-weight analysis,or use techniques which are not customized for memory corruption detection.In this paper,we propose a novel memory bug guided fuzzer,ovAFLow.To begin with,we broaden the memory corruption targets where we frequently identify bugs.Next,ovAFLow utilizes light-weight and effective methods to build connections between the fuzzing inputs and these corruption targets.Based on the connection results,ovAFLow uses customized techniques to direct the fuzzing process closer to memory corruption.We evaluate ovAFLow against state-of-the-art fuzzers,including AFL(american fuzzy lop),AFLFast,FairPuzz,QSYM,Angora,TIFF,and TortoiseFuzz.The evaluation results show better vulnerability detection ability of ovAFLow,and the performance overhead is acceptable.Moreover,we identify 12 new memory corruption bugs and two CVEs(common vulnerability exposures)with the help of ovAFLow.
