In the recent past, there has been lots of work on improving fuzz testing. In prior work, EnFuzz showed that by sharing progress among different fuzzers, they can perform better than the sum of their parts. In this paper, we continue this line of work and present CollabFuzz, a collaborative fuzzing framework allowing multiple different fuzzers to collaborate under an informed scheduling policy based on a number of central analyses. More specifically, CollabFuzz is a generic framework that allows a user to express different test case scheduling policies, such as the collaborative approach presented by EnFuzz. CollabFuzz can control which tests cases are handed out to what fuzzer and allows the orchestration of different fuzzers across the network. Furthermore, it allows the centralized analysis of the test cases generated by the various fuzzers under its control, allowing to implement scheduling policies based on the results of arbitrary program (e.g., data-flow) analysis.
|Title of host publication||EuroSec 2021|
|Subtitle of host publication||Proceedings of the 14th European Workshop on Systems|
|Publisher||Association for Computing Machinery, Inc|
|Number of pages||7|
|Publication status||Published - Apr 2021|
|Event||14th European Workshop on Systems, EuroSec 2021 - Virtual, Online, United Kingdom|
Duration: 26 Apr 2021 → …
|Conference||14th European Workshop on Systems, EuroSec 2021|
|Period||26/04/21 → …|
Bibliographical notePublisher Copyright:
© 2021 Owner/Author.
Copyright 2021 Elsevier B.V., All rights reserved.
- automated bug finding
- collaborative fuzzing
- ensemble fuzzing
- parallel fuzzing