Attention Distance: A Novel Metric for Directed Fuzzing with Large Language Models
Wang Bin, Ao Yang, Kedan Li, Aofan Liu, Hui Li, Guibo Luo, Weixiang Huang, Yan Zhuang

TL;DR
This paper introduces attention distance, a new metric using large language models to improve directed fuzzing by capturing logical code relationships, significantly boosting testing efficiency and effectiveness.
Contribution
It proposes attention distance, a novel LLM-based metric for directed fuzzing that considers logical code relationships, outperforming traditional physical distance measures.
Findings
3.43× increase in testing efficiency over traditional methods
2.89× and 7.13× improvements over state-of-the-art fuzzers
Consistent performance enhancement when integrated into existing fuzzers
Abstract
In the domain of software security testing, Directed Grey-Box Fuzzing (DGF) has garnered widespread attention for its efficient target localization and excellent detection performance. However, existing approaches measure only the physical distance between seed execution paths and target locations, overlooking logical relationships among code segments. This omission can yield redundant or misleading guidance in complex binaries, weakening DGF's real-world effectiveness. To address this, we introduce attention distance, a novel metric that leverages a large language model's contextual analysis to compute attention scores between code elements and reveal their intrinsic connections. Under the same AFLGo configuration -- without altering any fuzzing components other than the distance metric -- replacing physical distances with attention distances across 38 real vulnerability…
Taxonomy
Topics: Software Testing and Debugging Techniques · Software Engineering Research · Advanced Malware Detection Techniques
