Open-source Project

FuzzingPapers

Literature Review and Summary, Github,

This is a repository for collecting, summarizing, and grouping fuzzing-related papers. We have examined, combed through, and summarized hundreds of recently published papers on fuzz testing, located by perusing top-conference proceedings and other quality venues. This site is only used for collecting and grouping related papers. If any paper needs to be added or updated, you can contribute a PR.


RPG

December 05, 2023

Artifact Evaluation of ICSE'2024, Github,

Rust libraries are ubiquitous in software development. Guaranteeing their correctness and reliability requires thorough analysis and testing. Fuzzing is a popular bug-finding solution, yet it requires writing fuzz targets for libraries. Recently, some automatic fuzz target generation methods have been proposed. However, two challenges remain: (1) how to generate diverse API sequences that prioritize unsafe code and interactions to reveal bugs in Rust libraries; (2) how to provide support for the generic APIs and verify both syntactic and semantic validity of the fuzz targets to achieve a high coverage rate.


PERIOD

May 08, 2022

Artifact Evaluation of ICSE'2022, Github,

PERIOD is a controlled concurrency testing tool. Controlled Concurrency Testing (CCT) techniques have shown promise for detecting concurrency bugs. They typically have a mechanism to control the order in which threads get executed, and attempt to explore the space of possible interleavings of a concurrent program to detect bugs. Various CCT techniques have been proposed, but they are generally ineffective and ad hoc. In this paper, we introduce a novel CCT technique, PERIOD. Unlike previous works, PERIOD models the execution of concurrent programs as periodical execution, and systematically explores the space of possible interleavings, where the exploration is guided by periodical scheduling and influenced by previously tested interleavings. We have evaluated PERIOD on 10 real-world CVEs and 36 widely-used benchmark programs. Our experimental results show that PERIOD outperforms other CCT techniques in both effectiveness and performance overhead. Moreover, we have discovered 5 previously unknown concurrency bugs in real-world programs.


MemLock

January 08, 2020

Artifact Evaluation of ICSE'2020, Github,

MemLock is a fuzzing tool guided by memory usage. Uncontrolled memory consumption is a critical class of software security weakness. It becomes a security-critical vulnerability when attackers can control the input to consume a large amount of memory and launch a Denial-of-Service attack. However, detecting such vulnerabilities is challenging, as state-of-the-art fuzzing techniques focus on code coverage rather than memory consumption. To this end, we propose a memory-usage-guided fuzzing technique, named MemLock, to generate inputs that cause excessive memory consumption and trigger uncontrolled memory consumption bugs. The fuzzing process is guided by memory consumption information, so our approach is general and does not require any domain knowledge. We perform a thorough evaluation of MemLock on 14 widely-used real-world programs. Our experimental results show that MemLock substantially outperforms state-of-the-art fuzzing techniques, including AFL, AFLfast, PerfFuzz, FairFuzz, Angora and QSYM, in discovering memory consumption bugs. During the experiments, we discovered many previously unknown memory consumption bugs and received 15 new CVEs.


MemLock’s Benchmark

December 30, 2019

Artifact Evaluation of ICSE'2020, Github,

This benchmark collects vulnerabilities related to “excessive memory consumption”, which are used in MemLock’s experiments. To trigger these vulnerabilities, a test case must consume a large amount of stack or heap memory, so the benchmark tests a fuzzer’s ability to generate inputs that consume a lot of memory.


UAF-Fuzzer-TestSuite

August 29, 2019

Benchmark, Github,

This benchmark collects vulnerabilities related to “use-after-free”, which are used in UAFL’s experiments.


WasmFuzz

May 24, 2019

Two-dimensional Input Space Fuzzing Driver, Github,

A driver to perform fuzz testing on JavaScriptCore and WebAssembly in WebKit.


Fuzzer Script

January 16, 2019

Script, Github,

A script for processing fuzzing experiment data.


BITY

September 01, 2018

Artifact of ICFEM 2017 and IEEE Transactions on Reliability 2019, Github,

BITY is a technique that recovers type information from binaries via machine learning. First, we present our approach to recovering type information in binary code. The idea is motivated by “duck typing”, where the type of a variable is determined by its features and properties. Our approach uses a combination of machine learning and program analysis. In detail, we first extract critical information from the instruction flow and data flow, namely the behaviors and features of variables in binary code. According to these behaviors and features, we learn a classifier with basic types as labels, using various machine learning methods, and then use this classifier to predict types for new, unseen binaries. For composite types, such as pointers and structs, we perform a points-to analysis to recover the target variables and use the classifier to recover the base type of these target variables, based on which the composite types are recovered.



Active Automata Learning

May 20, 2018

Lecture Notes, Github,

This is a quick survey of Active Automata Learning. The repository is no longer maintained.


PC-Malware-Sklearner

December 21, 2017

Artifact of SmartCom 2017, Github,

This is a learning-based malware detection tool. Malware is one of the most serious security threats on the Internet today. Unfortunately, the number of new malware samples has increased explosively: anti-malware vendors are now confronted with millions of potential malware samples per year. Consequently, many studies have reported using data mining and machine learning techniques to develop intelligent malware detection systems. Many works use different features and different data sets to train a classification model. Although they show high accuracy on their own test data, most models rapidly become antiquated as malware continues to evolve, and they do not work well against obfuscation or polymorphism techniques. In this work, we propose an effective malware detection approach using data-mining techniques based on opcodes, data structures and imported libraries. We also use different classifiers and conduct experiments to evaluate our approach. In addition, we provide empirical validation that our method is capable of detecting new, unknown malware, including fresh malware collected in 2017. We also apply obfuscation to malware samples to test our model.