Chen, Ju; Wang, Jinghan; Song, Chengyu; Yin, Heng; (2022) JIGSAW: Efficient and Scalable Path Constraints Fuzzing. In: Proceedings of the IEEE Symposium on Security and Privacy (SP) 2022. (pp. 18-35). Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Coverage-guided testing has been shown to be an effective way to find bugs. If we model coverage-guided testing as a search problem (i.e., finding inputs that can cover more branches), then its efficiency mainly depends on two factors: (1) the accuracy of the searching algorithm and (2) the number of inputs that can be evaluated per unit time. Therefore, improving the search throughput has been shown to be an effective way to improve the performance of coverage-guided testing. In this work, we present a novel design to improve the search throughput: by evaluating newly generated inputs with JIT-compiled path constraints. This approach allows us to significantly improve the single thread throughput as well as scaling to multiple cores. We also developed several optimization techniques to eliminate major bottlenecks during this process. Evaluation of our prototype JIGSAW shows that our approach can achieve three orders of magnitude higher search throughput than existing fuzzers and can scale to multiple cores. We also find that with such high throughput, a simple gradient-guided search heuristic can solve path constraints collected from a large set of real-world programs faster than SMT solvers with much more sophisticated search heuristics. Evaluation of end-to-end coverage-guided testing also shows that our JIGSAW-powered hybrid fuzzer can outperform state-of-the-art testing tools.
Type: | Proceedings paper |
---|---|
Title: | JIGSAW: Efficient and Scalable Path Constraints Fuzzing |
Event: | 2022 IEEE Symposium on Security and Privacy (SP) |
Location: | San Francisco, CA, USA |
Dates: | 22nd-26th May 2022 |
ISBN-13: | 978-1-6654-1316-9 |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.1109/sp46214.2022.9833796 |
Publisher version: | https://doi.org/10.1109/SP46214.2022.9833796 |
Language: | English |
Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher's terms and conditions. |
UCL classification: | UCL; UCL > Provost and Vice Provost Offices > UCL BEAMS; UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science; UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
URI: | https://discovery.ucl.ac.uk/id/eprint/10170861 |



