Overview
Explore an innovative approach to software vulnerability detection in this 22-minute conference talk from the 2019 IEEE Symposium on Security & Privacy. Delve into NEUZZ, a novel fuzzing technique that combines neural program smoothing with gradient-guided optimization to overcome the limitations of traditional evolutionary algorithms. Learn how this method creates smooth surrogate functions to approximate complex program behaviors, significantly enhancing the efficiency of the fuzzing process. Discover NEUZZ's impressive performance, outperforming 10 state-of-the-art graybox fuzzers in finding new bugs and achieving higher edge coverage across popular real-world programs. Gain insights into the 31 previously unknown bugs, including two CVEs, uncovered by NEUZZ, and understand its superior performance on LAVA-M and DARPA CGC bug datasets. Presented by Dongdong She, this talk offers valuable knowledge for security researchers and software developers seeking advanced vulnerability detection methods.
Syllabus
NEUZZ: Efficient Fuzzing with Neural Program Smoothing
Taught by
IEEE Symposium on Security and Privacy