The Havoc Paradox in Generator-Based Fuzzing (FUZZING 2024)

Mon 16 - Fri 20 September 2024 Vienna, Austria

Who

Ao Li, Madonna Huang, Caroline Lemieux, Rohan Padhye

Track

FUZZING 2024

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Mon 16 Sep 2024 16:00 - 16:15 at EI 9 Hlawka - Bach Session

Abstract

Parametric generators are a simple way to combine coverage-guided and generator-based fuzzing. Parametric generators can be thought of as decoders of an arbitrary byte sequence into a structured input. This allows mutations on the byte sequence to map to mutations on the structured input, without requiring the writing of specialized mutators. However, this technique is prone to the \emph{havoc effect}, where small mutations on the byte sequence cause large, destructive mutations to the structured input. This registered report first provides a preliminary investigation of the paradoxical nature of the havoc effect for generator-based fuzzing in Java. In particular, we measure mutation characteristics and confirm the existence of the havoc effect, as well as scenarios where it may be more detrimental. The proposed evaluation extends this investigation over more benchmarks, with the tools Zest, JQF’s EI, BeDivFuzz, and Zeugma.

Ao Li

Carnegie Mellon University

United States

Madonna Huang

University of British Columbia

Caroline Lemieux

University of British Columbia

Canada

Rohan Padhye

Carnegie Mellon University

United States

Time Zone

The program is currently displayed in (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna.

Use conference time zone: (GMT+02:00) Amsterdam, Berlin, Bern, Rome, Stockholm, ViennaSelect other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Mon 16 Sep
Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

15:30 - 17:00	Bach SessionFUZZING at EI 9 Hlawka

15:30 15m Talk		Sparse Symbolic Loop Execution FUZZING Frank Busse Imperial College London, Martin Nowack Imperial College London, Cristian Cadar Imperial College London
15:45 15m Talk		LOOL: Low-Overhead, Optimization-Log-Guided Compiler Fuzzing FUZZING Florian Schwarcz Johannes Kepler University Linz, Felix Berlakovich μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Gergö Barany Oracle Labs, Hanspeter Mössenböck JKU Linz
16:00 15m Talk		The Havoc Paradox in Generator-Based Fuzzing FUZZING Ao Li Carnegie Mellon University, Madonna Huang University of British Columbia, Caroline Lemieux University of British Columbia, Rohan Padhye Carnegie Mellon University
16:15 15m Talk		Understanding and Improving Coverage Tracking with AFL++ FUZZING Vasil Sarafov μCSRL, CODE Research Institute, University of the Bundeswehr Munich, David Markvica μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Felix Berlakovich μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Matthias Bernad μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Stefan Brunthaler μCSRL, CODE Research Institute, University of the Bundeswehr Munich
16:30 30m Day closing		Concluding Remarks FUZZING

Information for Participants

Mon 16 Sep 2024 15:30 - 17:00 at EI 9 Hlawka - Bach Session

Info for room EI 9 Hlawka:

Map: https://tuw-maps.tuwien.ac.at/?q=CAEG17

Room tech: https://raumkatalog.tiss.tuwien.ac.at/room/13939