
Chemotactic test case recombination for large-scale fuzzing

Author: Böttinger, K.


Journal of Cyber Security and Mobility 5 (2016), No. 4, pp. 269-286
ISSN: 2245-1439
Fraunhofer AISEC

We present a bio-inspired method for large-scale fuzzing to detect vulnerabilities in binary executables. In our approach we deploy small groups of feedback-driven explorers that guide colonies of high-throughput fuzzers to promising regions in input space. We achieve this by applying the biological concept of chemotaxis: the explorer fuzzers mark test case regions that drive the target binary to previously undiscovered execution paths with an attractant. This allows us to construct a force of attraction that draws the trailing fuzzers to high-quality test cases. By introducing hierarchies of explorers we construct a colony of fuzzers that is divided into multiple subgroups. Each subgroup guides a trailing group and is simultaneously drawn by the traces of its respective explorers. We implement a prototype and evaluate our presented algorithm to show the feasibility of our approach.