FuSeBMC: A White-Box Fuzzer for Finding Security Vulnerabilities in C Programs
Kaled M. Alshmrany, Rafael S. Menezes, Mikhail R. Gadelha, and Lucas C. Cordeiro

TL;DR
FuSeBMC is a novel white-box fuzzer for C programs that combines fuzzing, symbolic execution, and Bounded Model Checking to effectively discover security vulnerabilities, achieving top results in competitive testing.
Contribution
It introduces a combined approach integrating fuzzing, symbolic execution, and BMC for improved vulnerability detection in C programs.
Findings
Achieved first place in Cover-Error at Test-Comp'21
Secured second place overall at Test-Comp'21
Demonstrated effectiveness in finding security vulnerabilities
Abstract
We describe and evaluate a novel white-box fuzzer for C programs named FuSeBMC, which combines fuzzing and symbolic execution, and applies Bounded Model Checking (BMC) to find security vulnerabilities in C programs. FuSeBMC explores and analyzes C programs (1) to find execution paths that lead to property violations and (2) to incrementally inject labels that guide the fuzzer and the BMC engine in producing test cases for code coverage. FuSeBMC successfully participated in Test-Comp'21, achieving first place in the Cover-Error category and second place in the Overall category.
Taxonomy
Topics: Software Testing and Debugging Techniques · Software Reliability and Analysis Research · Advanced Malware Detection Techniques
