Fuzz testing has enjoyed great success at discovering security critical bugs in real software. Recently, researchers have devoted significant effort to devising new fuzzing techniques, strategies, and algorithms. Such new ideas are primarily evaluated experimentally so an important question is: What experimental setup is needed to produce trustworthy results? We surveyed the recent research literature and assessed the experimental evaluations carried out by 32 fuzzing papers. We found problems in every evaluation we considered. We then performed our own extensive experimental evaluation using an existing fuzzer. Our results showed that the general problems we found in existing experimental evaluations can indeed translate to actual wrong or misleading assessments. We conclude with some guidelines that we hope will help improve experimental evaluations of fuzz testing algorithms, making reported results more robust.

https://dl.acm.org/doi/pdf/10.1145/3243734.3243804

Evaluating Fuzz Testing

pdf/evaluating-fuzz-testing-21hqcy98e3.pdf

As one of the most popular software testing techniques, fuzzing can find a variety of weaknesses in a program, such as software bugs and vulnerabilities, by generating numerous test inputs. Due to its effectiveness, fuzzing is regarded as a valuable bug hunting method. In this paper, we present an overview of fuzzing that concentrates on its general process, as well as classifications, followed by detailed discussion of the key obstacles and some state-of-the-art technologies which aim to overcome or mitigate these obstacles. We further investigate and classify several widely used fuzzing tools. Our primary goal is to equip the stakeholder with a better understanding of fuzzing and the potential solutions for improving fuzzing methods in the spectrum of software testing and security. To inspire future research, we also predict some future directions with regard to fuzzing.

Fuzzing: State of the Art

Although current fuzz testing (fuzzing) methods are highly effective, there are still many situations such as complex state machines where fully automated approaches fail. State-of-the-art fuzzing methods offer very limited ability for a human to interact and aid the fuzzer in such cases. More specifically, most current approaches are limited to adding a dictionary or new seed inputs to guide the fuzzer. When dealing with complex programs, these mechanisms are unable to uncover new parts of the code base.In this paper, we propose Ijon, an annotation mechanism that a human analyst can use to guide the fuzzer. In contrast to the two aforementioned techniques, this approach allows a more systematic exploration of the program’s behavior based on the data representing the internal state of the program. As a consequence, using only a small (usually one line) annotation, a user can help the fuzzer to solve previously unsolvable challenges. We extended various AFL-based fuzzers with the ability to annotate the source code of the target application with guidance hints. Our evaluation demonstrates that such simple annotations are able to solve problems that—to the best of our knowledge— no other current fuzzer or symbolic execution based tool can overcome. For example, with our extension, a fuzzer is able to play and solve games such as Super Mario Bros. or resolve more complex patterns such as hash map lookups. To further demonstrate the capabilities of our annotations, we use AFL combined with Ijon to uncover both novel security issues and issues that previously required a custom and comprehensive grammar to be uncovered. Lastly, we show that using Ijon and AFL, one can solve many challenges from the CGC data set that resisted all fully automated and human guided attempts so far.

/pdf/ijon-exploring-deep-state-spaces-via-fuzzing-2cm8mhvmfb.pdf

Ijon: Exploring Deep State Spaces via Fuzzing

This paper describes the design and implementation of a two-stage intrusion detection system (IDS) for use with mobile ad-hoc networks. Our anomaly-based intrusion detection is provided by analyzing the context from the application-level interactions of networked nodes; each interaction corresponds to a specific function or behavior within the operational scenario of the network. A static set of behaviors is determined offline, and these behaviors are tracked dynamically during the operation of the network. During the first stage of the IDS, our detection strategy employs the analysis of global and local maxima in the probability density functions of the behaviors to isolate deviance at the granularity of a single node. This stage is used to capture the typical behavior of the network. The first stage also provides tuning and calibration for the second stage. During the second stage, a cross-correlative component is used to detect multiple threats simultaneously. Our approach distributes the IDS among all connected network nodes, allowing each node to identify potential threats individually. The combined result can detect deviant nodes in a scalable manner and can operate in the presence of a density of deviant nodes approaching 22%. Computational requirements are reduced to adapt optimally to embedded devices on an ad-hoc network.

/pdf/a-distributed-intrusion-detection-system-for-resource-4uwn8gcr2d.pdf

A distributed intrusion detection system for resource-constrained devices in ad-hoc networks

Ensuring security in wireless ad hoc networks is absolutely necessary and a must for any security-critical applications. In this paper, we report our progress in the development of an agent-based cooperative anomaly detection scheme for wireless ad hoc networks. The approach addresses the underlying distributed and cooperative nature of wireless ad hoc networks and adds one more dimension of cooperation to the intrusion detection process. That is, the anomaly detection is performed in a cooperative way involving the participation of multiple mobile nodes. Unlike traditional signature-based misuse detection approaches, the proposed scheme detects various types of intrusions/attacks based on the model learned only from normal network behaviors. Without the requirements of pre-labeled attack data, the approach eliminates the time-consuming labeling process and the impacts of imbalanced dataset. Besides, the concept of software agent technology has been applied in system implementation, which provides further support for distributed wireless ad hoc networks.

Agent-based cooperative anomaly detection for wireless ad hoc networks

As cloud computing becomes more and more prevalent, there is increased interest in mitigating attacks that target hypervisors from within the virtualized guest environments that they host. We present VDF, a targeted evolutionary fuzzing framework for discovering bugs within the software-based virtual devices implemented as part of a hypervisor. To achieve this, VDF selectively instruments the code of a given virtual device, and performs record and replay of memory-mapped I/O (MMIO) activity specific to the virtual device. We evaluate VDF by performing cloud-based parallel fuzz testing of eighteen virtual devices implemented within the QEMU hypervisor, executing over two billion test cases and revealing over one thousand unique crashes or hangs in one third of the tested devices. Our custom test case minimization algorithm further reduces the erroneous test cases into only 18.57% of the original sizes on average.

VDF: Targeted Evolutionary Fuzz Testing of Virtual Devices

Intrusion detection, as a complementary mechanism to intrusion prevention, is necessary to secure wireless Mobile Ad hoc Networks (MANETs). In this paper we propose a practical agent-based distributed intrusion detection methodology for MANETs. A two-step intrusion detection procedure has been developed to effectively detect anomalies and identify attack types using distributed intrusion detection agents. The approach is efficient in dealing with large amount of system audit information with the growing network size. In addition, the distributed agent based implementation provides inherent flexibility and scalability. The performance of the approach has been evaluated via extensive simulations.

Agent-based Distributed Intrusion Detection Methodology for MANETs.

Airborne networks are envisioned to provide interconnectivity for terrestial and space networks by interconnecting
highly mobile airborne platforms. A number of military applications are expected to be used by the operator, and all
these applications require proper routing security support to establish correct route between communicating platforms in
a timely manner. As airborne networks somewhat different from traditional wired and wireless networks (e.g., Internet,
LAN, WLAN, MANET, etc), security aspects valid in these networks are not fully applicable to airborne networks.
Designing an efficient security scheme to protect airborne networks is confronted with new requirements. In this paper,
we first identify a candidate routing architecture, which works as an underlying structure for our proposed security
scheme. And then we investigate the vulnerabilities and attack models against routing protocols in airborne networks.
Based on these studies, we propose an integrated security solution to address routing security issues in airborne
networks.

Routing Architecture and Security for Airborne Networks

A security control system is provided that works as an extra layer of defense as a way to prevent an “attack” that is initiated by modifying either the “jump” or the “return” addresses or both. The principal behind the security control system is to “monitor” the addresses to which the processors would jump, interrupt or return, and identify when these addresses are modified in a manner that does not comply with the normal execution of the processor. In order to do that the security control system uses existing structures in multi-core processors and even anticipates the creation of additional structures to expedite and improve such control.

Security control system for protection of multi-core processors

Handle everyday research tasks with reliable, citation-backed results

Your personal Research Agent to handle research tasks with citation-backed results

Popular Tasks used by Researchers

How can I help with your research?

Meet SciSpace

Get more enhanced response by uploading the PDFs you want me to reference.

No relevant PDFs in your library

SciSpace is the AI research assistant for academics. Run systematic literature reviews on 280M+ papers, and write papers with cited sources. Trusted by 1M+ students, PhDs & researchers.

SciSpace | AI for Research

Analyze PDFs

Code & Manuscripts

Funding & Grants

Literature & Patents

Medical & Clinical Data

Systematic Review

Visualize & Present

Web & Data

Build a Google Scholar-like website for your research.

Build a website

Create charts and images for your research

Create a Chart

Write a paper for submission to a journal

Draft a manuscript

Patent Search

Design eye-catching scientific posters in minutes.

Scientific Poster Generation

Systematic Literature Review

One task is running at the moment. Your messages will be shown right after.

Drag and drop or click here to browse

Loved by <highlight>1 million+</highlight> researchers

Extract a list of specific topics and their sources from unstructured text

Topics

Compare and analyze relevant papers that matches with your search

Papers

Get insights from PDFs and bookmarked papers from your library

My library

Recent searches

Try searching for:

Catch AI-generated content in scholarly and non-scholarly content

{ai} Detector

Ai Writer

Get PDF Summaries, highlighted text explanations 

Chat with PDF

Effortlessly create in-text citations and bibliographies in APA and 2,500 other formats

Citation generator

Get explanations, summaries, and answers on academic papers

Ease up your research workflow with {scispace}'s cohort of exciting AI tools

Elevate your academic writing skills and convey your ideas the way you want

Paraphraser

Explore our range of reading and writing tools

Your file is being prepared and should be ready in a few minutes. If it's a large file, it might take a bit longer. You can close this window, and we'll email you the file when it's done.

You have reached a maximum limit of <strong>{limit}</strong> columns in the table. Remove at least <strong>1</strong> column to add or create another one.

Hongmei Deng

Author Tools

Chat about Author