Boosting Fuzzer Efficiency: An Information Theoretic Perspective.
- Source: Communications of the ACM; Nov 2023, Vol. 66 Issue 11, p89-97, 9p
- Publication Year: 2023
Abstract
- This article discusses the concept of fuzzing as a learning process, using Shannon's entropy to quantify the efficiency of a fuzzer in discovering new behaviors of a program. The authors propose an entropy-based power schedule called "Entropic" for greybox fuzzing, assigning more energy to seeds that reveal more information about a program's behaviors. This approach is implemented in the popular greybox fuzzer LibFuzzer and has been integrated into Google and Microsoft's fuzzing platforms. The paper highlights that the efficiency of a fuzzer is determined by the average information each generated input reveals about a program's behaviors. The authors conducted experiments with over 250 open-source programs, demonstrating a substantial improvement in efficiency and confirming their hypothesis that an efficient fuzzer maximizes information.
Details
- Language: English
- ISSN: 00010782
- Volume: 66
- Issue: 11
- Database: Complementary Index
- Journal: Communications of the ACM
- Publication Type: Periodical
- Accession number: 173131753
- Full Text: https://doi.org/10.1145/3611019