Explore an innovative approach to software vulnerability detection in this 22-minute conference talk from the 2019 IEEE Symposium on Security & Privacy. Delve into NEUZZ, a novel fuzzing technique that combines neural program smoothing with gradient-guided optimization to overcome the limitations of traditional evolutionary algorithms. Learn how this method creates smooth surrogate functions to approximate complex program behaviors, significantly enhancing the efficiency of the fuzzing process. Discover NEUZZ's impressive performance, outperforming 10 state-of-the-art graybox fuzzers in finding new bugs and achieving higher edge coverage across popular real-world programs. Gain insights into the 31 previously unknown bugs, including two CVEs, uncovered by NEUZZ, and understand its superior performance on LAVA-M and DARPA CGC bug datasets. Presented by Dongdong She, this talk offers valuable knowledge for security researchers and software developers seeking advanced vulnerability detection methods.
NEUZZ - Efficient Fuzzing with Neural Program Smoothing
Overview
Syllabus
NEUZZ: Efficient Fuzzing with Neural Program Smoothing
Taught by
IEEE Symposium on Security and Privacy
Tags
Related Courses
-
Angora - Efficient Fuzzing by Principled Search
-
T-Fuzz - Fuzzing by Program Transformation
-
Program-Adaptive Mutational Fuzzing
-
SelectFuzz - Efficient Directed Fuzzing with Selective Path Exploration
-
Fuzzing File Systems via Two-Dimensional Input Space Exploration
-
ProFuzzer - On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery
