LibAFL-DiFuzz: Advanced Architecture Enabling Directed Fuzzing
Darya Parygina, Timofey Mezhuev, and Daniil Kuts

TL;DR
LibAFL-DiFuzz introduces an advanced, flexible directed fuzzing architecture with context-aware graph analysis and indirect call resolution, significantly improving efficiency and target reachability in program testing.
Contribution
The paper presents a modular, extensible directed fuzzing framework with novel graph analysis techniques, including context weights and indirect call resolution, integrated into existing fuzzing tools.
Findings
Increased efficiency in reaching target points
Improved speedup over AFLGo and BEACON
Enhanced usability features like target detection
Abstract
Directed fuzzing performs best for targeted program testing by estimating the impact of each input on reaching predefined program points. But due to insufficient analysis of the program structure and a lack of flexibility and configurability, it can lose efficiency. In this paper, we enhance directed fuzzing with context weights for graph nodes and resolve indirect edges during call graph construction. We construct a flexible tool for directed fuzzing with components that can be easily combined with other techniques. We implement the proposed method in three separate modules: the DiFuzzLLVM library for graph construction and indirect call resolution, the DiFuzz static analysis tool for processing program graphs and computing proximity metrics, and the LibAFL-DiFuzz directed fuzzer based on the LibAFL fuzzing library. We create additional LibAFL modules for enabling custom power scheduling and static…
Taxonomy
Topics: Software Testing and Debugging Techniques
