FuzzSplore: Visualizing Feedback-Driven Fuzzing Techniques
Andrea Fioraldi, Luigi Paolo Pileggi
TL;DR
FuzzSplore is a visualization tool that helps analysts compare and tune fuzzing techniques effectively during software security testing campaigns.
Contribution
This paper introduces FuzzSplore, a novel visualization-based approach for evaluating and tuning feedback-driven fuzzing techniques using AFL++.
Findings
Enables better understanding of fuzzing configurations
Assists in selecting optimal fuzzing techniques
Improves efficiency of fuzz testing campaigns
Abstract
Fuzz Testing techniques are the state of the art in software testing for security issues nowadays. Their great effectiveness attracted the attention of researchers and hackers and involved them in developing a lot of new techniques to improve Fuzz Testing. The evaluation and the cross-comparison of these techniques is an almost open problem. In this paper, we propose a human-driven approach to this problem based on information visualization. We developed a prototype upon the AFL++ fuzzing framework, FuzzSplore, that an analyst can use to get useful insights about different fuzzing configurations applied to a specific target in order to choose or tune the best technique during a fuzzing campaign.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSoftware Testing and Debugging Techniques · Advanced Malware Detection Techniques · Software Reliability and Analysis Research