Overview
Explore coverage-guided tracing, a novel approach to reduce fuzzing overhead in software testing and vulnerability discovery. Learn how this technique significantly improves performance by selectively tracing only coverage-increasing test cases, potentially revolutionizing the efficiency of coverage-guided fuzzing. Dive into the implementation details of UnTracer, a tool based on the static binary instrumentor Dyninst, and examine its impressive performance gains compared to traditional tracing methods. Understand the impact of coverage-guided tracing on real-world binaries and its integration with state-of-the-art hybrid fuzzers like QSYM. Gain insights into the future of efficient fuzzing techniques and their implications for software security and bug detection.
Syllabus
Introduction
What is fuzzing
Coverage-guided fuzzing
How coverage is found
How fuzzers spend their time
Overall impact
Why tracing code coverage is expensive
Coverage-guided tracing
Microscale coverage-guided tracing
Macroscale coverage-guided tracing
Coverage-guided tracing implementation
Evaluation
Benchmarks
Evaluation Question 1
Evaluation Question 2
Conclusion
Questions
Taught by
IEEE Symposium on Security and Privacy