Overview
Explore an innovative mutation-based fuzzing technique presented at the 2018 IEEE Symposium on Security & Privacy. Dive into Angora, a groundbreaking approach that significantly outperforms state-of-the-art fuzzers by increasing branch coverage and solving path constraints without symbolic execution. Learn about key techniques including scalable byte-level taint tracking, context-sensitive branch count, gradient descent-based search, and input length exploration. Discover Angora's impressive performance on the LAVA-M data set, where it found nearly all injected bugs and uncovered 103 additional bugs that even the LAVA authors couldn't trigger. Examine real-world applications as Angora identifies numerous new bugs in popular open-source programs like file, jhead, nm, objdump, and size. Gain insights into Angora's coverage measurements and understand how its innovative techniques contribute to its exceptional fuzzing capabilities.
Syllabus
Angora: Efficient Fuzzing by Principled Search
Taught by
IEEE Symposium on Security and Privacy