CollabFuzz: A Framework for Collaborative Fuzzing

Sebastian Österlund, Elia Geretto, Andrea Jemmett, Emre Güler, Philipp Görz, Thorsten Holz, Cristiano Giuffrida, Herbert Bos

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

In the recent past, there has been lots of work on improving fuzz testing. In prior work, EnFuzz showed that by sharing progress among different fuzzers, they can perform better than the sum of their parts. In this paper, we continue this line of work and present CollabFuzz, a collaborative fuzzing framework allowing multiple different fuzzers to collaborate under an informed scheduling policy based on a number of central analyses. More specifically, CollabFuzz is a generic framework that allows a user to express different test case scheduling policies, such as the collaborative approach presented by EnFuzz. CollabFuzz can control which test cases are handed out to what fuzzer and allows the orchestration of different fuzzers across the network. Furthermore, it allows the centralized analysis of the test cases generated by the various fuzzers under its control, allowing to implement scheduling policies based on the results of arbitrary program (e.g., data-flow) analysis.

Original language: English
Title of host publication: EuroSec 2021
Subtitle of host publication: Proceedings of the 14th European Workshop on Systems
Publisher: Association for Computing Machinery, Inc
Pages: 1-7
Number of pages: 7
ISBN (Electronic): 9781450383370
Publication status: Published - Apr 2021
Event: 14th European Workshop on Systems, EuroSec 2021 - Virtual, Online, United Kingdom
Duration: 26 Apr 2021 → …

Conference

Conference: 14th European Workshop on Systems, EuroSec 2021
Country/Territory: United Kingdom
City: Virtual, Online
Period: 26/04/21 → …

Bibliographical note

Publisher Copyright:
© 2021 Owner/Author.

Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.

Funding

We would like to thank the anonymous reviewers for their constructive feedback. This work was supported by Cisco Systems, Inc. through grant #1138109 and the Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) under Germany’s Excellence Strategy – EXC-2092 CaSa – 390781972. In addition, this project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 786669 (ReAct). This paper reflects only the authors’ view. The funding agencies are not responsible for any use that may be made of the information it contains.

Funders and funder numbers:
Cisco Systems: 1138109
Horizon 2020 Framework Programme: 786669
Deutsche Forschungsgemeinschaft: EXC-2092 CaSa – 390781972

    Keywords

    • automated bug finding
    • collaborative fuzzing
    • ensemble fuzzing
    • fuzzing
    • parallel fuzzing
