Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Guiding a colony of black-box fuzzers with chemotaxis

: Böttinger, K.


Gondree, M. ; Institute of Electrical and Electronics Engineers -IEEE-:
SPW 2017, IEEE Symposium on Security and Privacy Workshops. Proceedings : 25 May 2017, San Jose, California, USA
Piscataway, NJ: IEEE, 2017
ISBN: 978-1-5386-1968-1
ISBN: 978-1-5386-1969-8
ISBN: 978-1-5386-1967-4
Security and Privacy Workshops (SPW) <2017, San Jose/Calif.>
Workshop on Bio-inspired Security, Trust, Assurance and Resilience (BioStar) <2, 2017, San Jose/Calif.>
Fraunhofer AISEC ()

We present a bio-inspired method for large-scale fuzzing of binary executables to detect vulnerabilities. In our approach we deploy a small group of feedback-driven explorers that guide a colony of black-box fuzzers to promising regions in input space. We achieve this by applying the biological concept of chemotaxis: The explorer fuzzers mark test case regions that drive the target binary to previously undiscovered execution paths with an attractant. This allows us to construct a force of attraction that draws the black-box fuzzers to high-quality test cases. We implement a prototype and evaluate our presented algorithm to show the feasibility of our approach.