ESEC/FSE 2022
Mon 14 - Fri 18 November 2022 Singapore
Wed 16 Nov 2022 11:45 - 12:00 at SRC LT 52 - ESEC/FSE 20 Software Testing II Chair(s): Xi Zheng

In this paper, we take the fundamental perspective of fuzzing as a learning process. Suppose before fuzzing, we know nothing about the behaviors of a program P: What does it do? Executing the first test input, we learn how P behaves for this input. Executing the next input, we either observe the same or discover a new behavior. As such, each execution reveals "some amount" of information about P's behaviors. A classic measure of information is Shannon's entropy. Measuring entropy allows us to quantify how much is learned from each generated test input about the behaviors of the program. Within a probabilistic model of fuzzing, we show how entropy also measures fuzzer efficiency. Specifically, it measures the general rate at which the fuzzer discovers new behaviors. Intuitively, efficient fuzzers maximize information.

From this information theoretic perspective, we develop Entropic, an entropy-based power schedule for greybox fuzzing which assigns more energy to seeds that maximize information. We implemented Entropic into the popular greybox fuzzer LibFuzzer. Our experiments with more than 250 open-source programs (60 million LoC) demonstrate a substantially improved efficiency and confirm our hypothesis that an efficient fuzzer maximizes information. Entropic has been independently evaluated and invited for integration into main-line LibFuzzer. Entropic now runs on more than 25,000 machines fuzzing hundreds of security-critical software systems simultaneously and continuously.
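The idea in the abstract can be sketched as follows. This is a simplified illustration added here, not code from the paper or from LibFuzzer: it scores each seed by the Shannon entropy of the behaviors observed when fuzzing it and assigns energy in proportion. The names `Seed`, `Entropy`, `Schedule` and `SampleCorpus` are hypothetical, and the behavior counts are constructed.

```cpp
#include <cmath>
#include <cstdint>
#include <cstdio>
#include <map>
#include <string>
#include <vector>

// Hypothetical model: per seed, how often inputs mutated from it showed each behavior.
struct Seed {
    std::string name;
    std::map<uint32_t, uint64_t> hits;  // behavior id -> observation count
};

// Shannon entropy (in bits) of the behaviors observed when fuzzing this seed.
double Entropy(const Seed& s) {
    uint64_t total = 0;
    for (const auto& kv : s.hits) total += kv.second;
    if (total == 0) return 0.0;  // never fuzzed: nothing learned yet
    double h = 0.0;
    for (const auto& kv : s.hits) {
        if (kv.second == 0) continue;  // 0 * log(0) is taken as 0
        double p = static_cast<double>(kv.second) / static_cast<double>(total);
        h -= p * std::log2(p);
    }
    return h;
}

// Energy per seed = its share of the corpus entropy; uniform if nothing is known.
std::vector<double> Schedule(const std::vector<Seed>& corpus) {
    std::vector<double> energy;
    double sum = 0.0;
    for (const auto& s : corpus) { energy.push_back(Entropy(s)); sum += energy.back(); }
    for (auto& e : energy) e = sum > 0.0 ? e / sum : 1.0 / corpus.size();
    return energy;
}

// Constructed sample data, not measurements from any real target.
std::vector<Seed> SampleCorpus() {
    return {{"a", {{1, 100}}},                             // always the same behavior
            {"b", {{1, 50}, {2, 50}}},                     // two behaviors, evenly
            {"c", {{1, 25}, {2, 25}, {3, 25}, {4, 25}}}};  // four behaviors, evenly
}

int main() {
    std::vector<Seed> corpus = SampleCorpus();
    std::vector<double> energy = Schedule(corpus);
    for (size_t i = 0; i < corpus.size(); ++i)
        std::printf("%s entropy=%.2f energy=%.2f\n", corpus[i].name.c_str(), Entropy(corpus[i]), energy[i]);
}
```

In this sketch a seed that has not been fuzzed yet, or that always shows one behavior, gets zero energy whenever any other seed has positive entropy, so a practical schedule would need some form of smoothing to keep such seeds in rotation.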

Wed 16 Nov

Displayed time zone: Beijing, Chongqing, Hong Kong, Urumqi

11:00 - 12:30
ESEC/FSE 20 Software Testing II (ESEC/FSE 2020) at SRC LT 52
Chair(s): Xi Zheng Macquarie University
11:00
15m
Talk
Model-Based Exploration of the Frontier of Behaviours for Deep Learning System Testing
ESEC/FSE 2020
Vincenzo Riccio University of Udine, Paolo Tonella USI Lugano
11:15
15m
Talk
Baital: An Adaptive Weighted Sampling Approach for Improved t-wise Coverage
ESEC/FSE 2020
Eduard Baranov Université Catholique de Louvain, Belgium, Axel Legay Université Catholique de Louvain, Belgium, Kuldeep S. Meel National University of Singapore
11:30
15m
Talk
Fuzzing: On the Exponential Cost of Vulnerability Discovery
ESEC/FSE 2020
Marcel Böhme MPI-SP, Germany and Monash University, Australia, Brandon Falk Gamozo Labs, n.n.
11:45
15m
Talk
Boosting Fuzzer Efficiency: An Information Theoretic Perspective
ESEC/FSE 2020
Marcel Böhme MPI-SP, Germany and Monash University, Australia, Valentin Manès KAIST, South Korea, Sang Kil Cha KAIST, South Korea