SYNTONY: Potential-aware fuzzing with particle swarm optimization

Xiajing Wang, Rui Ma*, Wei Huo, Zheng Zhang, Jinyuan He, Chaonan Zhang, Donghai Tian

*Corresponding author for this work

Research output: Contribution to journal › Article › peer-review

4 Citations (Scopus)

Abstract

Fuzzing has gained significant traction in academic research as well as industry thanks to its effectiveness at discovering software vulnerabilities. However, even state-of-the-art fuzzers are not very efficient at identifying promising seeds. Coverage-guided fuzzers, while fast and scalable, usually employ a single criterion to evaluate the quality of seeds, which may introduce bias and pass up optimal seeds. In this paper, we devise a novel potential-aware fuzzing scheme, namely SYNTONY, which measures seed potential using multiple objectives and prioritizes promising seeds that are more likely to generate interesting seeds via mutation. More specifically, SYNTONY leverages efficient swarm intelligence techniques such as Particle Swarm Optimization (PSO) to explore multi-criteria seed selection, which allows SYNTONY to effectively choose promising seeds. Furthermore, we introduce a power scheduling strategy that discovers significantly more paths or crashes by gravitating towards seeds with higher potential. We implement this scheme on top of several state-of-the-art fuzzers, i.e., AFL, AFL++, FairFuzz, and PTFuzz. Our evaluations on 11 popular real-world programs demonstrate that SYNTONY significantly increases the number of unique crashes triggered and the edge coverage discovered by 132.06 % and 28.69 %, respectively, over AFL++. Further comparison also shows that SYNTONY outperforms other state-of-the-art fuzzers, e.g., AFL, FairFuzz, and PTFuzz. Extensive evaluations also illustrate that SYNTONY provides great compatibility and extensibility while introducing negligible overhead.

Original language: English
Article number: 111880
Journal: Journal of Systems and Software
Volume: 208
DOIs
Publication status: Published - Feb 2024

Keywords

  • AFL
  • Coverage-guided fuzzing
  • Multiple criteria
  • Particle swarm optimization (PSO)
  • Seed selection
