Vulnerability-oriented directed fuzzing for binary programs

Directed greybox fuzzing (DGF) is an effective method to detect vulnerabilities of the specified target code. Nevertheless, there are three main issues in the existing DGFs. First, the target vulnerable code of the DGFs needs to be manually selected, which is tedious. Second, DGFs mainly leverage di...

Descripción completa

Detalles Bibliográficos
Autores principales: Yu, Lu, Lu, Yuliang, Shen, Yi, Li, Yuwei, Pan, Zulie
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Nature Publishing Group UK 2022
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8917173/
https://www.ncbi.nlm.nih.gov/pubmed/35277537
http://dx.doi.org/10.1038/s41598-022-07355-5
_version_ 1784668485381521408
author Yu, Lu
Lu, Yuliang
Shen, Yi
Li, Yuwei
Pan, Zulie
author_facet Yu, Lu
Lu, Yuliang
Shen, Yi
Li, Yuwei
Pan, Zulie
author_sort Yu, Lu
collection PubMed
description Directed greybox fuzzing (DGF) is an effective method to detect vulnerabilities of the specified target code. Nevertheless, there are three main issues in the existing DGFs. First, the target vulnerable code of the DGFs needs to be manually selected, which is tedious. Second, DGFs mainly leverage distance information as feedback, which neglects the unequal roles of different code snippets in reaching the targets. Third, most of the existing DGFs need the source code of the test programs, which is not available for binary programs. In this paper, we propose a vulnerability-oriented directed binary fuzzing framework named VDFuzz, which automatically identifies the targets and leverages dynamic information to guide the fuzzing. In specific, VDFuzz consists of two components, a target identifier and a directed fuzzer. The target identifier is designed based on a neural-network, which can automatically locate the target code areas that are similar to the known vulnerabilities. Considering the inequality of code snippets in reaching the given target, the directed fuzzer assigns different weights to basic blocks and takes the weights as feedback to generate test cases to reach the target code. Experimental results demonstrate that VDFuzz outperformed the state-of-the-art fuzzers and was effective in vulnerability detection of real-world programs.
format Online
Article
Text
id pubmed-8917173
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher Nature Publishing Group UK
record_format MEDLINE/PubMed
spelling pubmed-89171732022-03-14 Vulnerability-oriented directed fuzzing for binary programs Yu, Lu Lu, Yuliang Shen, Yi Li, Yuwei Pan, Zulie Sci Rep Article Directed greybox fuzzing (DGF) is an effective method to detect vulnerabilities of the specified target code. Nevertheless, there are three main issues in the existing DGFs. First, the target vulnerable code of the DGFs needs to be manually selected, which is tedious. Second, DGFs mainly leverage distance information as feedback, which neglects the unequal roles of different code snippets in reaching the targets. Third, most of the existing DGFs need the source code of the test programs, which is not available for binary programs. In this paper, we propose a vulnerability-oriented directed binary fuzzing framework named VDFuzz, which automatically identifies the targets and leverages dynamic information to guide the fuzzing. In specific, VDFuzz consists of two components, a target identifier and a directed fuzzer. The target identifier is designed based on a neural-network, which can automatically locate the target code areas that are similar to the known vulnerabilities. Considering the inequality of code snippets in reaching the given target, the directed fuzzer assigns different weights to basic blocks and takes the weights as feedback to generate test cases to reach the target code. Experimental results demonstrate that VDFuzz outperformed the state-of-the-art fuzzers and was effective in vulnerability detection of real-world programs. Nature Publishing Group UK 2022-03-11 /pmc/articles/PMC8917173/ /pubmed/35277537 http://dx.doi.org/10.1038/s41598-022-07355-5 Text en © The Author(s) 2022 https://creativecommons.org/licenses/by/4.0/Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) .
spellingShingle Article
Yu, Lu
Lu, Yuliang
Shen, Yi
Li, Yuwei
Pan, Zulie
Vulnerability-oriented directed fuzzing for binary programs
title Vulnerability-oriented directed fuzzing for binary programs
title_full Vulnerability-oriented directed fuzzing for binary programs
title_fullStr Vulnerability-oriented directed fuzzing for binary programs
title_full_unstemmed Vulnerability-oriented directed fuzzing for binary programs
title_short Vulnerability-oriented directed fuzzing for binary programs
title_sort vulnerability-oriented directed fuzzing for binary programs
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8917173/
https://www.ncbi.nlm.nih.gov/pubmed/35277537
http://dx.doi.org/10.1038/s41598-022-07355-5
work_keys_str_mv AT yulu vulnerabilityorienteddirectedfuzzingforbinaryprograms
AT luyuliang vulnerabilityorienteddirectedfuzzingforbinaryprograms
AT shenyi vulnerabilityorienteddirectedfuzzingforbinaryprograms
AT liyuwei vulnerabilityorienteddirectedfuzzingforbinaryprograms
AT panzulie vulnerabilityorienteddirectedfuzzingforbinaryprograms

Ejemplares similares