Grey box fuzzing is one of the most successful methods for automatic
vulnerability detection. However,conventional Grey box Fuzzers like AFL can
open perform fuzzing against the whole input and spend more time on smaller
seeds with lower execution time, which significantly impact fuzzing efficiency
for complicated input types. In this work, we introduce one intelligent grey
box fuzzing for Intel Media driver, MediaFuzzer, which can perform effective
fuzzing based on selective fields of complicated input. Also, with one novel
calling depth-based power schedule biased toward seed corpus which can lead to
deeper calling chain, it dramatically improves the vulnerability exposures
(~6.6 times more issues exposed) and fuzzing efficiency (~2.7 times more
efficient) against the baseline AFL for Intel media driver with almost
negligible overhead.
Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Zhang_L/0/1/0/all/0/1">Linlin Zhang</a>, <a href="http://arxiv.org/find/cs/1/au:+Luo_N/0/1/0/all/0/1">Ning Luo</a>