Fizzer: New Gray-Box Fuzzer
Authors | |
---|---|
Year of publication | 2024 |
Type | Article in Proceedings |
Conference | Fundamental Approaches to Software Engineering - 27th International Conference, FASE 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings |
MU Faculty or unit | |
Citation | |
Web | https://link.springer.com/chapter/10.1007/978-3-031-57259-3_17 |
Doi | http://dx.doi.org/10.1007/978-3-031-57259-3_17 |
Keywords | fuzzing; test generation; atomic Boolean expression; Fizzer |
Description | Fizzer is a new gray-box fuzzer. In contrast to common gray-box fuzzers that aim to cover both true and false branches of branching instructions, Fizzer primarily aims to cover both possible values true and false of Boolean expressions in the program. When a generated test evaluates a so-called atomic Boolean expression to one of these values, our fuzzer computes the distance to the other value, detects bytes that influence this distance, and applies gradient descent on these bytes to flip the value. In Test-Comp 2024, Fizzer placed third in the category Cover-Branches after FuSeBMC and FuSeBMC-AI. |
Related projects: |