A QBDI-based fuzzer taming magic bytes

Elia Geretto, Cédric Tessier, Fabio Massacci

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

One of the major limitations of mutation-based grey-box fuzzers is that they struggle to reach code guarded by magic-bytes comparisons, which parsers routinely employ. The best known solution to this problem, the Steelix heuristic, proposes an implementation based on static binary instrumentation. This work demonstrates that, by using dynamic binary instrumentation instead, it is possible to obtain comparable performance while gaining precision and flexibility in the instrumentation. We have demonstrated the feasibility of this approach both on a standard academic benchmark, LAVA-M, and on real-life large-scale software, using the macOS framework ImageIO.
Original language: English
Title of host publication: ITASEC 2019 - Proceedings of the 3rd Italian Conference on Cyber Security
Editors: P. Degano, R. Zunino
Place of Publication: Pisa, Italy
Publisher: CEUR-WS
Number of pages: 12
Volume: 2315
Publication status: Published - Feb 2019
Externally published: Yes
Event: 3rd Italian Conference on Cyber Security, ITASEC 2019 - Pisa, Italy
Duration: 13 Feb 2019 to 15 Feb 2019

Publication series

Name: CEUR Workshop Proceedings
Publisher: CEUR Workshop Proceedings
ISSN (Print): 1613-0073

Conference

Conference: 3rd Italian Conference on Cyber Security, ITASEC 2019
Country/Territory: Italy
City: Pisa
Period: 13/02/19 to 15/02/19

Keywords

  • binary fuzzing
  • binary instrumentation
  • coverage-based fuzzing
