
FuzzerGym: A Competitive Framework for Fuzzing and Learning

by William Drozd, et al.

Fuzzing is a commonly used technique designed to test software by automatically crafting program inputs. Currently, the most successful fuzzing algorithms emphasize simple, low-overhead strategies with the ability to efficiently monitor program state during execution. Through compile-time instrumentation, these approaches have access to numerous aspects of program state including coverage, data flow, and heterogeneous fault detection and classification. However, existing approaches utilize blind random mutation strategies when generating test inputs. We present a different approach that uses this state information to optimize mutation operators using reinforcement learning (RL). By integrating OpenAI Gym with libFuzzer we are able to simultaneously leverage advancements in reinforcement learning as well as fuzzing to achieve deeper coverage across several varied benchmarks. Our technique connects the rich, efficient program monitors provided by LLVM Sanitizers with a deep neural net to learn mutation selection strategies directly from the input data. The cross-language, asynchronous architecture we developed enables us to apply any OpenAI Gym compatible deep reinforcement learning algorithm to any fuzzing problem with minimal slowdown.
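The core idea of the abstract, choosing mutation operators from coverage feedback instead of picking them blindly, can be shown in miniature without libFuzzer or a neural network. The following is an added example written for this page, not code from the FuzzerGym project: a constructed toy target stands in for an instrumented binary (its returned edge set plays the role of the SanitizerCoverage counters libFuzzer reads), four hand-written byte mutators stand in for libFuzzer's mutation operators, and an epsilon-greedy bandit stands in for the deep RL agent. The reward is the number of previously unseen edges a mutated input reaches, which is the kind of state-derived signal the paper describes feeding back to the learner. All names (`toy_target`, `run_campaign`, the mutator set) are assumptions of this example.

```python
import random
from typing import Callable, Dict, List, Set

# Constructed toy fuzz target. It returns the set of "edge ids" the input reaches,
# standing in for the coverage counters SanitizerCoverage would report to libFuzzer.
def toy_target(data: bytes) -> Set[int]:
    edges = {0}
    if len(data) >= 4:
        edges.add(1)
        if data[0] == ord("F"):
            edges.add(2)
            if data[1] == ord("U"):
                edges.add(3)
                if data[2] == ord("Z"):
                    edges.add(4)
                    if data[3] == ord("Z"):
                        edges.add(5)  # deepest branch: needs the 4-byte magic
    if len(data) > 16:
        edges.add(6)
    if b"\x00" in data:
        edges.add(7)
    return edges


# Mutation operators, loosely modelled on libFuzzer's byte-level mutators.
# Each takes the parent input and a seeded RNG and returns a child input.
def flip_byte(data: bytes, rng: random.Random) -> bytes:
    if not data:
        return data
    i = rng.randrange(len(data))
    return data[:i] + bytes([rng.randrange(256)]) + data[i + 1:]

def insert_byte(data: bytes, rng: random.Random) -> bytes:
    i = rng.randrange(len(data) + 1)
    return data[:i] + bytes([rng.randrange(256)]) + data[i:]

def erase_byte(data: bytes, rng: random.Random) -> bytes:
    if len(data) <= 1:
        return data  # never shrink below one byte
    i = rng.randrange(len(data))
    return data[:i] + data[i + 1:]

def set_magic(data: bytes, rng: random.Random) -> bytes:
    # Overwrite one byte with a value from a small dictionary, as a dictionary mutator would.
    if not data:
        return data
    i = rng.randrange(len(data))
    return data[:i] + rng.choice([b"F", b"U", b"Z", b"\x00"]) + data[i + 1:]

MUTATORS: Dict[str, Callable[[bytes, random.Random], bytes]] = {
    "flip_byte": flip_byte,
    "insert_byte": insert_byte,
    "erase_byte": erase_byte,
    "set_magic": set_magic,
}


def new_edges(data: bytes, seen: Set[int]) -> Set[int]:
    """Edges reached by `data` that the campaign has not seen before (the reward signal)."""
    return toy_target(data) - seen


def update_q(q: Dict[str, float], counts: Dict[str, int], action: str, reward: float) -> None:
    """Incremental-mean update of the action value: a stationary multi-armed bandit."""
    counts[action] += 1
    q[action] += (reward - q[action]) / counts[action]


def choose_action(q: Dict[str, float], rng: random.Random, epsilon: float) -> str:
    """Epsilon-greedy policy over mutator names."""
    if rng.random() < epsilon:
        return rng.choice(list(q))
    best = max(q.values())
    return rng.choice([a for a, v in q.items() if v == best])


def run_campaign(steps: int, seed: int = 0, epsilon: float = 0.2) -> Dict[str, object]:
    """Coverage-guided loop: pick a mutator, mutate a corpus entry, run the target,
    reward the mutator by new edges, and keep inputs that found something new."""
    rng = random.Random(seed)
    corpus: List[bytes] = [b"AAAA"]          # constructed initial seed
    seen: Set[int] = set(toy_target(corpus[0]))
    q = {name: 0.0 for name in MUTATORS}
    counts = {name: 0 for name in MUTATORS}
    for _ in range(steps):
        action = choose_action(q, rng, epsilon)
        parent = rng.choice(corpus)
        child = MUTATORS[action](parent, rng)
        gained = new_edges(child, seen)
        update_q(q, counts, action, float(len(gained)))
        if gained:
            seen |= gained
            corpus.append(child)
    return {"coverage": seen, "corpus": corpus, "q": q, "counts": counts}


if __name__ == "__main__":
    result = run_campaign(steps=2000)
    print("edges covered:", sorted(result["coverage"]))
    print("mutator value estimates:", {k: round(v, 3) for k, v in result["q"].items()})
```

Running the script prints which edges were reached and the learned value estimate per mutator; because the toy target only opens its deep branches on dictionary bytes, `set_magic` typically ends up with the highest estimate, which is the effect the paper aims for at scale with a neural policy over libFuzzer's real state. The bandit here is stateless (it ignores the input it is mutating), whereas the paper's agent conditions on the input data itself; swapping in a contextual policy is the natural next step.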





1 Introduction