2024
Conference Paper
Title
Visualizing and Understanding the Internals of Fuzzing
Abstract
Greybox fuzzing is one of the fuzzing techniques that has been extensively researched and used in practice. Plenty of publications propose improvements to greybox fuzzing. However, the extent to which these improvements really work and generalize is not yet understood: our preliminary study of the recent literature on greybox fuzzing shows that most papers evaluate their fuzzers in terms of runtime code coverage or bug-finding capability, although the improvements made are to the internal components (or internals) of the fuzzer. Results drawn from such experiments are insufficient to judge the impact that changes in the fuzzer's internals have on its performance. To understand fuzzing better, we thus propose to evaluate fuzzers more in depth. To this end, we suggest developing (1) a fuzzing-specific visualization framework that supports different analytic tasks, scales across multiple fuzzers and facilitates effective comparison of fuzzing internals, and (2) an evaluation specification to automate the evaluation process using visualization analysis. Realizing this vision will allow us to finally answer the following questions: How can one effectively visualize and compare fuzzing internals? And what internal changes between the fuzzers are responsible for their performance deviations?
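The abstract's point is that two fuzzers can reach the same final coverage while their internals (which seeds get scheduled, which mutators actually produce new edges, when coverage is gained) behave very differently, and that an evaluation has to look at those internals to explain the difference. The following is an added illustration of that kind of internals-level comparison, not code from the paper or from any fuzzer. The per-execution event log format, the fuzzer names `fuzzA`/`fuzzB`, the mutator names and all numbers are constructed assumptions; the ASCII bar chart stands in for a real plotting backend.

```python
# Added example: compare two fuzzers by their internals (mutator yield,
# seed productivity, coverage timeline) rather than by final coverage alone.
# The log format, fuzzer names, seed ids and mutator names are assumptions
# made for illustration; they are not taken from the paper or any real fuzzer.
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed event log: one fuzzer execution per line, in the assumed format
# "<time_s> <fuzzer> <seed_id> <mutator> <new_edges>".
EVENT_LOG = """\
1 fuzzA s0 flip1 3
2 fuzzA s0 arith 0
3 fuzzA s1 havoc 5
4 fuzzA s1 havoc 0
5 fuzzA s0 flip1 0
6 fuzzA s2 splice 2
7 fuzzB s0 havoc 4
8 fuzzB s0 havoc 0
9 fuzzB s0 havoc 0
10 fuzzB s1 havoc 6
11 fuzzB s1 havoc 0
12 fuzzB s1 splice 0
"""


@dataclass(frozen=True)
class Event:
    t: int
    fuzzer: str
    seed: str
    mutator: str
    new_edges: int


def parse_log(text: str) -> List[Event]:
    """Parse the assumed whitespace-separated event format; skip blank/comment lines."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        t, fuzzer, seed, mutator, new_edges = line.split()
        events.append(Event(int(t), fuzzer, seed, mutator, int(new_edges)))
    return events


def total_coverage(events: List[Event]) -> Dict[str, int]:
    """The end-state metric most papers report: new edges summed per fuzzer."""
    cov: Dict[str, int] = defaultdict(int)
    for e in events:
        cov[e.fuzzer] += e.new_edges
    return dict(cov)


def mutator_yield(events: List[Event]) -> Dict[str, Dict[str, float]]:
    """Internals view: new edges per execution, broken down by mutator and fuzzer."""
    execs: Dict[Tuple[str, str], int] = defaultdict(int)
    edges: Dict[Tuple[str, str], int] = defaultdict(int)
    for e in events:
        execs[(e.fuzzer, e.mutator)] += 1
        edges[(e.fuzzer, e.mutator)] += e.new_edges
    out: Dict[str, Dict[str, float]] = defaultdict(dict)
    for (fuzzer, mutator), n in execs.items():
        out[fuzzer][mutator] = edges[(fuzzer, mutator)] / n
    return dict(out)


def seed_productivity(events: List[Event]) -> Dict[str, Dict[str, int]]:
    """Internals view: which scheduled seeds actually led to new coverage."""
    out: Dict[str, Dict[str, int]] = defaultdict(lambda: defaultdict(int))
    for e in events:
        out[e.fuzzer][e.seed] += e.new_edges
    return {f: dict(s) for f, s in out.items()}


def coverage_timeline(events: List[Event]) -> Dict[str, List[Tuple[int, int]]]:
    """Cumulative new edges over time, per fuzzer, for a coverage-vs-time plot."""
    out: Dict[str, List[Tuple[int, int]]] = defaultdict(list)
    running: Dict[str, int] = defaultdict(int)
    for e in sorted(events, key=lambda ev: ev.t):
        running[e.fuzzer] += e.new_edges
        out[e.fuzzer].append((e.t, running[e.fuzzer]))
    return dict(out)


def render_bars(values: Dict[str, float], width: int = 20) -> List[str]:
    """Minimal ASCII bar chart (one line per key); a stand-in for a plotting backend."""
    if not values:
        return []
    peak = max(values.values()) or 1.0
    lines = []
    for name, v in sorted(values.items()):
        bar = "#" * int(round(width * v / peak))
        lines.append(f"{name:<8} {bar:<{width}} {v:.2f}")
    return lines


if __name__ == "__main__":
    evs = parse_log(EVENT_LOG)
    print("final coverage (identical for both):", total_coverage(evs))
    for fuzzer, per_mut in mutator_yield(evs).items():
        print(f"\n{fuzzer} mutator yield (new edges per execution)")
        print("\n".join(render_bars(per_mut)))
    print("\nseed productivity:", seed_productivity(evs))
    print("coverage timeline:", coverage_timeline(evs))
```

On the constructed log both fuzzers finish with the same coverage (10 new edges), so a coverage-only evaluation cannot separate them; the internals views show that `fuzzA` spreads its gains across several mutators and three seeds, whereas `fuzzB` gets everything from `havoc` on two seeds. That is the kind of difference the proposed visualization framework is meant to surface.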
Author(s)
Open Access
Rights
CC BY 4.0: Creative Commons Attribution
Language
English