FuSeBMC v.4: Smart Seed Generation for Hybrid Fuzzing

• URL: http://arxiv.org/abs/2112.10627v1
• Date: Mon, 20 Dec 2021 15:41:57 GMT
• Title: FuSeBMC v.4: Smart Seed Generation for Hybrid Fuzzing
• Authors: Kaled M. Alshmrany, Mohannad Aldughaim, Ahmed Bhayat, and Lucas C. Cordeiro
• Abstract summary: FuSeBMC is a test generator for finding security vulnerabilities in C programs. This paper introduces a new version that utilizes both engines to produce smart seeds. We significantly increased our code coverage score from last year, outperforming all tools that participated in this year's competition in every single category.
• Score: 0.9379652654427957
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: FuSeBMC is a test generator for finding security vulnerabilities in C programs. In earlier work [4], we described a previous version that incrementally injected labels to guide Bounded Model Checking (BMC) and Evolutionary Fuzzing engines to produce test cases for code coverage and bug finding. This paper introduces a new version of FuSeBMC that utilizes both engines to produce smart seeds. First, the engines are run with a short time limit on a lightly instrumented version of the program to produce the seeds. The BMC engine is particularly useful in producing seeds that can pass through complex mathematical guards. Then, FuSeBMC runs its engines with more extended time limits using the smart seeds created in the previous round. FuSeBMC manages this process in two main ways using its Tracer subsystem. Firstly, it uses shared memory to record the labels covered by each test case. Secondly, it evaluates test cases, and those of high impact are turned into seeds for subsequent test fuzzing. As a result, we significantly increased our code coverage score from last year, outperforming all tools that participated in this year's competition in every single category.

Related papers

• LiveBench: A Challenging, Contamination-Free LLM Benchmark [101.21578097087699]
  We release LiveBench, the first benchmark that contains frequently-updated questions from recent information sources. We evaluate many prominent closed-source models, as well as dozens of open-source models ranging from 0.5B to 110B in size. Questions will be added and updated on a monthly basis, and we will release new tasks and harder versions of tasks over time.
  arXiv  Detail & Related papers  (2024-06-27T16:47:42Z)
• STAT: Shrinking Transformers After Training [72.0726371426711]
  We present STAT, a simple algorithm to prune transformer models without any fine-tuning. STAT eliminates both attention heads and neurons from the network, while preserving accuracy by calculating a correction to the weights of the next layer. Our entire algorithm takes minutes to compress BERT, and less than three hours to compress models with 7B parameters using a single GPU.
  arXiv  Detail & Related papers  (2024-05-29T22:59:11Z)
• FuSeBMC AI: Acceleration of Hybrid Approach through Machine Learning [3.2815052047959874]
  FuSeBMC-AI is a test generation tool grounded in machine learning techniques. FuSeBMC-AI extracts various features from the program and employs support vector machine and neural network models to predict a hybrid approach optimal configuration.
  arXiv  Detail & Related papers  (2024-04-09T05:34:19Z)
• Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing [2.4287247817521096]
  Vulnerabilities in BusyBox can have far-reaching consequences. The study revealed the prevalence of older BusyBox versions in real-world embedded products. We introduce two techniques to fortify software testing.
  arXiv  Detail & Related papers  (2024-03-06T17:57:03Z)
• Zero-Shot Detection of Machine-Generated Codes [83.0342513054389]
  This work proposes a training-free approach for the detection of LLMs-generated codes. We find that existing training-based or zero-shot text detectors are ineffective in detecting code. Our method exhibits robustness against revision attacks and generalizes well to Java codes.
  arXiv  Detail & Related papers  (2023-10-08T10:08:21Z)
• Parallel Approaches to Accelerate Bayesian Decision Trees [1.9728521995447947]
  We propose two methods for exploiting parallelism in the MCMC. In the first, we replace the MCMC with another numerical Bayesian approach. In the second, we consider data partitioning.
  arXiv  Detail & Related papers  (2023-01-22T09:56:26Z)
• General Cutting Planes for Bound-Propagation-Based Neural Network Verification [144.7290035694459]
  We generalize the bound propagation procedure to allow the addition of arbitrary cutting plane constraints. We find that MIP solvers can generate high-quality cutting planes for strengthening bound-propagation-based verifiers. Our method is the first verifier that can completely solve the oval20 benchmark and verify twice as many instances on the oval21 benchmark.
  arXiv  Detail & Related papers  (2022-08-11T10:31:28Z)
• FuSeBMC v4: Improving code coverage with smart seeds via BMC, fuzzing and static analysis [2.792964753261107]
  FuSeBMC v4 is a test generator that synthesizes seeds with useful properties. FuSeBMC works by first analyzing and incrementally injecting goal labels into the given C program.
  arXiv  Detail & Related papers  (2022-06-28T15:13:37Z)
• Masked Autoencoders for Generic Event Boundary Detection CVPR'2022 Kinetics-GEBD Challenge [11.823891739821443]
  Generic Event Boundary Detection (GEBD) tasks aim at detecting generic, taxonomy-free event boundaries that segment a whole video into chunks. In this paper, we apply Masked Autoencoders to improve algorithm performance on the GEBD tasks. With our approach, we achieved 85.94% on the F1-score on the Kinetics-GEBD test set, which improved the F1-score by 2.31% compared to the winner of the 2021 Kinetics-GEBD Challenge.
  arXiv  Detail & Related papers  (2022-06-17T08:10:27Z)
• Knowledge Removal in Sampling-based Bayesian Inference [86.14397783398711]
  When single data deletion requests come, companies may need to delete the whole models learned with massive resources. Existing works propose methods to remove knowledge learned from data for explicitly parameterized models. In this paper, we propose the first machine unlearning algorithm for MCMC.
  arXiv  Detail & Related papers  (2022-03-24T10:03:01Z)
• Explicit Memory Tracker with Coarse-to-Fine Reasoning for Conversational Machine Reading [177.50355465392047]
  We present a new framework of conversational machine reading that comprises a novel Explicit Memory Tracker (EMT) Our framework generates clarification questions by adopting a coarse-to-fine reasoning strategy. EMT achieves new state-of-the-art results of 74.6% micro-averaged decision accuracy and 49.5 BLEU4.
  arXiv  Detail & Related papers  (2020-05-26T02:21:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.