Abstract
In the recent past, there has been lots of work on improving fuzz testing. In prior work, EnFuzz showed that by sharing progress among different fuzzers, they can perform better than the sum of their parts. In this paper, we continue this line of work and present CollabFuzz, a collaborative fuzzing framework allowing multiple different fuzzers to collaborate under an informed scheduling policy based on a number of central analyses. More specifically, CollabFuzz is a generic framework that allows a user to express different test case scheduling policies, such as the collaborative approach presented by EnFuzz. CollabFuzz can control which tests cases are handed out to what fuzzer and allows the orchestration of different fuzzers across the network. Furthermore, it allows the centralized analysis of the test cases generated by the various fuzzers under its control, allowing to implement scheduling policies based on the results of arbitrary program (e.g., data-flow) analysis.
Original language | English |
---|---|
Title of host publication | EuroSec 2021 |
Subtitle of host publication | Proceedings of the 14th European Workshop on Systems |
Publisher | Association for Computing Machinery, Inc |
Pages | 1-7 |
Number of pages | 7 |
ISBN (Electronic) | 9781450383370 |
DOIs | |
Publication status | Published - Apr 2021 |
Event | 14th European Workshop on Systems, EuroSec 2021 - Virtual, Online, United Kingdom Duration: 26 Apr 2021 → … |
Conference
Conference | 14th European Workshop on Systems, EuroSec 2021 |
---|---|
Country/Territory | United Kingdom |
City | Virtual, Online |
Period | 26/04/21 → … |
Bibliographical note
Publisher Copyright:© 2021 Owner/Author.
Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.
Funding
We would like to thank the anonynous reviewers for their constructive feedback. This work was supported by Cisco Systems, Inc. through grant #1138109 and the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) under Germany’s Excellence Strategy – EXC-2092 CaSa – 390781972. In addition, this project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 786669 (ReAct). This paper reflects only the authors’ view. The funding agencies are not responsible for any use that may be made of the information it contains.
Funders | Funder number |
---|---|
Cisco Systems | 1138109 |
Horizon 2020 Framework Programme | 786669 |
Deutsche Forschungsgemeinschaft | EXC-2092 CaSa – 390781972 |
Keywords
- automated bug finding
- collaborative fuzzing
- ensemble fuzzing
- fuzzing
- parallel fuzzing