Fizzer: New Gray-Box Fuzzer

Authors

JONÁŠ Martin, STREJČEK Jan, TRTÍK Marek, URBAN Lukáš

Year of publication 2024
Type Article in Proceedings
Conference Fundamental Approaches to Software Engineering - 27th International Conference, FASE 2024, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2024, Luxembourg City, Luxembourg, April 6-11, 2024, Proceedings
MU Faculty or unit

Faculty of Informatics

Citation
Web https://link.springer.com/chapter/10.1007/978-3-031-57259-3_17
Doi http://dx.doi.org/10.1007/978-3-031-57259-3_17
Keywords fuzzing; test generation; atomic Boolean expression; Fizzer
Description Fizzer is a new gray-box fuzzer. In contrast to common gray-box fuzzers that aim to cover both true and false branches of branching instructions, Fizzer primarily aims to cover both possible values true and false of Boolean expressions in the program. When a generated test evaluates a so-called atomic Boolean expression to one of these values, our fuzzer computes the distance to the other value, detects bytes that influence this distance, and applies gradient descent on these bytes to flip the value. In Test-Comp 2024, Fizzer placed third in the category Cover-Branches after FuSeBMC and FuSeBMC-AI.
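The description above compresses Fizzer's core loop into one sentence: evaluate an atomic Boolean expression, measure the distance to the value it did not take, find the input bytes that move that distance, and run gradient descent on them. The following Python is an added illustration of that loop written for this page; it is not Fizzer's code, and the target program, the integer distance metric, the byte-sensitivity test and the descent step are all constructed assumptions chosen to keep the example small.

```python
# Added illustration of distance-guided flipping of atomic Boolean expressions.
# Not Fizzer's code: the target program, the distance metric and the descent
# strategy are constructed for this example (integer comparisons only).

def evaluate(lhs, op, rhs):
    """Evaluate `lhs op rhs` on integers.

    Returns (value, distance), where distance estimates how far lhs must move
    to obtain the OTHER Boolean value; smaller means closer to a flip.
    """
    table = {
        "<":  (lhs < rhs,  rhs - lhs,      lhs - rhs + 1),
        "<=": (lhs <= rhs, rhs - lhs + 1,  lhs - rhs),
        ">":  (lhs > rhs,  lhs - rhs,      rhs - lhs + 1),
        ">=": (lhs >= rhs, lhs - rhs + 1,  rhs - lhs),
        "==": (lhs == rhs, 1,              abs(lhs - rhs)),
        "!=": (lhs != rhs, abs(lhs - rhs), 1),
    }
    value, dist_if_true, dist_if_false = table[op]
    return value, (dist_if_true if value else dist_if_false)


class Trace:
    """Instrumentation: records (value, distance) per atomic expression."""
    def __init__(self):
        self.atoms = {}

    def check(self, name, lhs, op, rhs):
        value, dist = evaluate(lhs, op, rhs)
        self.atoms[name] = (value, dist)
        return value


def program(data, t):
    """Constructed target: 4 input bytes; 'BUG' needs a1 and a2 both true."""
    x = (data[0] << 8) | data[1]          # big-endian 16-bit value
    y = data[2]
    if t.check("a1", x, ">", 40000) and t.check("a2", y, "==", 42):
        return "BUG"
    return "ok"


def run(program, data):
    t = Trace()
    program(data, t)
    return t.atoms


def perturb(data, i):
    """Return (copy with byte i nudged, direction of the nudge: +1 or -1)."""
    p = bytearray(data)
    if p[i] < 255:
        p[i] += 1
        return p, 1
    p[i] -= 1
    return p, -1


def descend(program, data, atom, want, max_iters=50):
    """Gradient descent on the bytes that influence `atom`'s distance."""
    cur = bytearray(data)
    for _ in range(max_iters):
        trace = run(program, cur)
        if atom not in trace:
            return None                    # expression no longer reached
        value, dist = trace[atom]
        if value == want:
            return bytes(cur)
        grads = {}
        for i in range(len(cur)):          # byte sensitivity via finite differences
            pert, sign = perturb(cur, i)
            ptrace = run(program, pert)
            if atom not in ptrace:
                continue                   # byte only affects reachability; ignore
            pvalue, pdist = ptrace[atom]
            if pvalue == want:
                return bytes(pert)         # the nudge alone flipped it
            if pdist != dist:
                grads[i] = (pdist - dist) * sign
        if not grads:
            return None                    # no byte moves the distance
        norm = sum(g * g for g in grads.values())
        moved = False
        for i, g in grads.items():         # one linear step toward distance 0
            delta = round(-g * dist / norm) or (-1 if g > 0 else 1)
            new = min(255, max(0, cur[i] + delta))
            moved |= new != cur[i]
            cur[i] = new
        if not moved:
            return None
    return None


def fuzz(program, seed):
    """Cover both values of every atomic expression reachable from `seed`."""
    corpus, covered = [seed], set()
    def record(data):
        for name, (value, _) in run(program, data).items():
            covered.add((name, value))
    record(seed)
    progress = True
    while progress:
        progress = False
        for data in list(corpus):
            for name, (value, _) in run(program, data).items():
                if (name, not value) in covered:
                    continue
                new = descend(program, data, name, not value)
                if new is not None:
                    corpus.append(new)
                    record(new)
                    progress = True
    return corpus, covered


if __name__ == "__main__":
    corpus, covered = fuzz(program, bytes([0x10, 0, 0, 0]))
    for d in corpus:
        print(d.hex(), program(d, Trace()))
```

Starting from a seed that leaves `a1` false, the sensitivity pass marks bytes 0 and 1 as influencing (gradients -256 and -1), one descent step lands just below the threshold and the next nudge crosses it; the new input then reaches `a2`, whose only influencing byte is byte 2, and a single step sets it to 42. Two caveats a practitioner should keep in mind: the distance above is only meaningful for integer comparisons (string equality, pointer checks or hash comparisons need other metrics, and a comparison against a hash output has no usable gradient at all), and the sensitivity test deliberately ignores bytes that make the expression unreachable rather than change its distance.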