Fuzzing binaries with Lévy flight swarms

EURASIP journal on information security (2016)

Authors: Konstantin Böttinger
Year/month: 2016/
Volume: 1
Pages: 10

Abstract

We present a new method for random testing of binary executables inspired by biology. In our approach, we introduce the first fuzzer based on a mathematical model for optimal foraging. To minimize search time for possible vulnerabilities, we generate test cases with Lévy flights in the input space. In order to dynamically adapt test generation behavior to actual path exploration performance, we define a suitable measure for quality evaluation of test cases. This measure takes into account previously discovered code regions and allows us to construct a feedback mechanism. By controlling diffusivity of the test case generating Lévy processes with evaluation feedback from dynamic instrumentation, we are able to define a fully self-adaptive fuzzing algorithm. We aggregate multiple instances of such Lévy flights to fuzzing swarms which reveal flexible, robust, decentralized, and self-organized behavior.

Bibtex:

@article{beefuzz_swarm,
  author  = {Konstantin Böttinger},
  title   = {Fuzzing binaries with Lévy flight swarms},
  journal = {EURASIP journal on information security (2016)},
  year    = {2016},
  volume  = {1},
  pages   = {10},
  url     = {http://dx.doi.org/10.1186/s13635-016-0052-1}
}