Performant Binary Fuzzing without Source Code using Static Instrumentation

Eric Pauley, Gang Tan, Danfeng Zhang, Patrick McDaniel

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution

Abstract

Advancements in fuzz testing have achieved the ability to quickly and comprehensively find security-critical faults in software systems. Yet, some of these techniques rely on access to source code, which is often unavailable in practice. In this paper, we explore techniques to replicate the depth and efficiency of source-available fuzzers via static binary instrumentation. Developing such instrumentation is difficult because compilation is a lossy process, and much of the source-level semantics leveraged by these techniques is not available in binaries. We recover much of this information via heuristic control flow reconstruction, a shadow stack for function identification, and a novel technique for instrumenting comparison instructions. We evaluate RWFUZZ on the LAVA-M dataset, achieving the same effectiveness as a best-in-class source-available fuzzer with a 3.4× execution time overhead (lower than existing dynamic fuzzing approaches). In this way, we show that techniques for binary fuzzing may approach the functional ability of source-available fuzzing.

Original language: English (US)
Title of host publication: 2022 IEEE Conference on Communications and Network Security, CNS 2022
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 226-235
Number of pages: 10
ISBN (Electronic): 9781665462556
DOIs
State: Published - 2022
Event: 2022 IEEE Conference on Communications and Network Security, CNS 2022 - Austin, United States
Duration: Oct 3 2022 - Oct 5 2022

Publication series

Name: 2022 IEEE Conference on Communications and Network Security, CNS 2022

Conference

Conference: 2022 IEEE Conference on Communications and Network Security, CNS 2022
Country/Territory: United States
City: Austin
Period: 10/3/22 - 10/5/22

All Science Journal Classification (ASJC) codes

  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Information Systems
