CollabFuzz - A Framework for Collaborative Fuzzing
Author: | Herbert Bos, Cristiano Giuffrida, Sebastian Österlund, Elia Geretto, Emre Güler, Thorsten Holz, Andrea Jemmett, Philipp Görz |
---|---|
Contributors: | Computer Systems, Network Institute, Systems and Network Security |
Year of publication: | 2021 |
Subject: | 0303 health sciences; automated bug finding; ensemble fuzzing; business.industry; Computer science; Control (management); 020207 software engineering; 02 engineering and technology; Fuzz testing; fuzzing; Scheduling (computing); Test (assessment); 03 medical and health sciences; parallel fuzzing; SDG 17 - Partnerships for the Goals; Test case; Work (electrical); 0202 electrical engineering, electronic engineering, information engineering; Orchestration (computing); collaborative fuzzing; Software engineering; business; 030304 developmental biology |
Source: | Proceedings of the 14th European Workshop on Systems Security, EuroSec@EuroSys, EuroSec 2021: Proceedings of the 14th European Workshop on Systems, pp. 1-7. Österlund, S, Geretto, E, Jemmett, A, Güler, E, Görz, P, Holz, T, Giuffrida, C & Bos, H 2021, CollabFuzz: A Framework for Collaborative Fuzzing. In EuroSec 2021: Proceedings of the 14th European Workshop on Systems. Association for Computing Machinery, Inc, pp. 1-7, 14th European Workshop on Systems, EuroSec 2021, Virtual, Online, United Kingdom, 26/04/21. https://doi.org/10.1145/3447852.3458720 |
DOI: | 10.1145/3447852.3458720 |
Description: | In the recent past, there has been lots of work on improving fuzz testing. In prior work, EnFuzz showed that by sharing progress among different fuzzers, they can perform better than the sum of their parts. In this paper, we continue this line of work and present CollabFuzz, a collaborative fuzzing framework allowing multiple different fuzzers to collaborate under an informed scheduling policy based on a number of central analyses. More specifically, CollabFuzz is a generic framework that allows a user to express different test case scheduling policies, such as the collaborative approach presented by EnFuzz. CollabFuzz can control which test cases are handed out to which fuzzer and allows the orchestration of different fuzzers across the network. Furthermore, it allows the centralized analysis of the test cases generated by the various fuzzers under its control, making it possible to implement scheduling policies based on the results of arbitrary program (e.g., data-flow) analysis. |
Database: | OpenAIRE |