Abstract
Current grey-box protocol fuzzers may not work well with poor-quality initial seeds, which makes it difficult to cover the diverse message types and protocol states defined in the protocol specification. To mitigate this issue, we propose GeMuFuzz, which integrates deep-learning-based seed generation into mutation-based grey-box fuzzing. Moreover, GeMuFuzz considers the high-dimensional information implied in seeds generated during fuzzing. We evaluated the performance of GeMuFuzz by comparing it with the baseline fuzzer AFLNET on 8 typical protocol implementations of ProFuzzBench. GeMuFuzz discovered 5.07% more paths and 6.19% more crashes, as well as 8.57% more states and 10.54% more state transitions than AFLNET. The experimental results highlight that GeMuFuzz could improve the effectiveness of fuzzing.
Original language | English |
---|---|
Pages (from-to) | 1889-1895 |
Number of pages | 7 |
Journal | Proceedings of the IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom |
Issue number | 2024 |
Publication status | Published - 2024 |
Externally published | Yes |
Event | 23rd IEEE International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2024, Sanya, China. Duration: 17 Dec 2024 → 21 Dec 2024 |
Keywords
- deep learning
- protocol fuzzing
- seed generation