ISC4DGF: Enhancing Directed Grey-box Fuzzing with LLM-Driven Initial Seed Corpus Generation
Yijiang Xu, Hongrui Jia, Liguo Chen, Xin Wang, Zhengran Zeng, Yidong, Wang, Qing Gao, Jindong Wang, Wei Ye, Shikun Zhang, Zhonghai Wu
TL;DR
ISC4DGF leverages Large Language Models to generate optimized initial seed corpora for directed grey-box fuzzing, significantly improving vulnerability detection speed and efficiency with fewer target reaches.
Contribution
Introduces ISC4DGF, a novel LLM-based method for creating initial seed corpora tailored for directed grey-box fuzzing, enhancing targeted vulnerability detection.
Findings
Achieved 35.63x speedup in fuzzing process
Reduced target reaches by 616.10x
Improved detection efficiency with less code coverage
Abstract
Fuzz testing is crucial for identifying software vulnerabilities, with coverage-guided grey-box fuzzers like AFL and Angora excelling in broad detection. However, as the need for targeted detection grows, directed grey-box fuzzing (DGF) has become essential, focusing on specific vulnerabilities. The initial seed corpus, which consists of carefully selected input samples that the fuzzer uses as a starting point, is fundamental in determining the paths that the fuzzer explores. A well-designed seed corpus can guide the fuzzer more effectively towards critical areas of the code, improving the efficiency and success of the fuzzing process. Even with its importance, many works concentrate on refining guidance mechanisms while paying less attention to optimizing the initial seed corpus. In this paper, we introduce ISC4DGF, a novel approach to generating optimized initial seed corpus for DGF…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNatural Language Processing Techniques