DeepAI AI Chat
Log In Sign Up

Not all bytes are equal: Neural byte sieve for fuzzing

by   Mohit Rajpal, et al.

Fuzzing is a popular dynamic program analysis technique used to find vulnerabilities in complex software. Fuzzing involves presenting a target program with crafted malicious input designed to cause crashes, buffer overflows, memory errors, and exceptions. Crafting malicious inputs in an efficient manner is a difficult open problem and often the best approach to generating such inputs is through applying uniform random mutations to pre-existing valid inputs (seed files). We present a learning technique that uses neural networks to learn patterns in the input files from past fuzzing explorations to guide future fuzzing explorations. In particular, the neural models learn a function to predict good (and bad) locations in input files to perform fuzzing mutations based on the past mutations and corresponding code coverage information. We implement several neural models including LSTMs and sequence-to-sequence models that can encode variable length input files. We incorporate our models in the state-of-the-art AFL (American Fuzzy Lop) fuzzer and show significant improvements in terms of code coverage, unique code paths, and crashes for various input formats including ELF, PNG, PDF, and XML.


page 1

page 2

page 3

page 4


Optimizing seed inputs in fuzzing with machine learning

The success of a fuzzing campaign is heavily depending on the quality of...

Faster Fuzzing: Reinitialization with Deep Neural Models

We improve the performance of the American Fuzzy Lop (AFL) fuzz testing ...

SmartSeed: Smart Seed Generation for Efficient Fuzzing

Fuzzing is an automated application vulnerability detection method. For ...

Smart Greybox Fuzzing

Coverage-based greybox fuzzing (CGF) is one of the most successful metho...

Inputs from Hell Generating Uncommon Inputs from Common Samples

Generating structured input files to test programs can be performed by t...

Malicious Code Detection: Run Trace Output Analysis by LSTM

Malicious software threats and their detection have been gaining importa...

o-glasses: Visualizing x86 Code from Binary Using a 1d-CNN

Malicious document files used in targeted attacks often contain a small ...