Program Feature-Based Fuzzing Benchmarking
Guardado en:
| Publicado en: | The Institute of Electrical and Electronics Engineers, Inc. (IEEE) Conference Proceedings (2025), p. 232-234 |
|---|---|
| Autor principal: | |
| Publicado: |
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
|
| Materias: | |
| Acceso en línea: | Citation/Abstract |
| Etiquetas: |
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| Resumen: | Conference Title: 2025 IEEE/ACM 47th International Conference on Software Engineering: Companion Proceedings (ICSE-Companion)Conference Start Date: 2025 April 27Conference End Date: 2025 May 3Conference Location: Ottawa, ON, CanadaFuzzing is a powerful software testing technique renowned for its effectiveness in identifying software vulnerabilities. Traditional fuzzing evaluations typically focus on overall fuzzer performance across a set of target programs, yet few benchmarks consider how fine-grained program features influence fuzzing effectiveness. To bridge this gap, we introduce a novel benchmark designed to generate programs with configurable, fine-grained program features to enhance fuzzing evaluations. We reviewed 25 recent grey-box fuzzing studies, extracting 7 program features related to control-flow and data-flow that can impact fuzzer performance. Using these features, we generated a benchmark consisting of 153 programs controlled by 10 fine-grained configurable parameters. We evaluated 11 popular fuzzers using this benchmark. The results indicate that fuzzer performance varies significantly based on the program features and their strengths, highlighting the importance of incorporating program characteristics into fuzzing evaluations. |
|---|---|
| DOI: | 10.1109/ICSE-Companion66252.2025.00074 |
| Fuente: | Science Database |