Improving function coverage with munch: A hybrid fuzzing and directed symbolic execution approach

Saahil Ognawala, Thomas Hutzelmann, Eirini Psallida, Alexander Pretschner

Publikation: Beitrag in Buch/Bericht/KonferenzbandKonferenzbeitragBegutachtung

37 Zitate (Scopus)

Abstract

Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input values, is generally incapable of generating diverse inputs that exercise all paths in the program. Due to the path-explosion problem and dependence on SMT solvers, symbolic execution may also not achieve high path coverage. A hybrid technique involving fuzzing and symbolic execution may achieve better function coverage than fuzzing or symbolic execution alone. In this paper, we present Munch, an open-source framework implementing two hybrid techniques based on fuzzing and symbolic execution. We empirically show using nine large open-source programs that overall, Munch achieves higher (in-depth) function coverage than symbolic execution or fuzzing alone. Using metrics based on total analyses time and number of queries issued to the SMT solver, we also show that Munch is more efficient at achieving better function coverage.

OriginalspracheEnglisch
TitelProceedings of the 33rd Annual ACM Symposium on Applied Computing, SAC 2018
Herausgeber (Verlag)Association for Computing Machinery
Seiten1475-1482
Seitenumfang8
ISBN (elektronisch)9781450351911
DOIs
PublikationsstatusVeröffentlicht - 9 Apr. 2018
Veranstaltung33rd Annual ACM Symposium on Applied Computing, SAC 2018 - Pau, Frankreich
Dauer: 9 Apr. 201813 Apr. 2018

Publikationsreihe

NameProceedings of the ACM Symposium on Applied Computing

Konferenz

Konferenz33rd Annual ACM Symposium on Applied Computing, SAC 2018
Land/GebietFrankreich
OrtPau
Zeitraum9/04/1813/04/18

Fingerprint

Untersuchen Sie die Forschungsthemen von „Improving function coverage with munch: A hybrid fuzzing and directed symbolic execution approach“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren