
On the Analysis of Coverage Feedback in a Fuzzing Proprietary System


Bibliographic Details
Published in: Applied Sciences 2024-07, Vol. 14 (13), p. 5939
Main Authors: Jang, Daehee, Kim, Jaemin, Kim, Jiho, Im, Woohyeop, Jeong, Minwoo, Choi, Byeongcheol, Kil, Chongkyung
Format: Article
Language:English
Description
Summary: Coverage feedback is one of the key mechanisms for improving the effectiveness of fuzzers: the fuzzer records which code regions each input exercises and compares them against the regions already reached. In general, such guidance is expected to improve a fuzzer's ability to discover unexplored code regions. However, proprietary systems with uncommon I/O interfaces (e.g., UAV systems, IoT devices, satellite firmware) require extensive engineering/porting effort to add coverage feedback to their fuzzing platform. In this paper, we evaluate in detail the efficacy of coverage feedback in fuzzing based on 44 real-world bugs we found using OSS-Fuzz. Our analysis uncovers when and how code coverage information is helpful, and our experiments show that although coverage guidance always helps to some extent, its effectiveness depends on various external factors. Such factors should therefore be considered carefully when optimizing cost and efficiency in the fuzzing architecture of proprietary systems.
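The feedback loop the abstract refers to, as an added illustration (this is not the paper's code or the OSS-Fuzz harness): a minimal coverage-guided fuzzer in Python that traces which source lines of a constructed toy target each input executes, keeps an input in the corpus only when it reaches a line no earlier input did, and compares that against a blind loop that mutates the seed without any feedback. The target, its four-byte "magic" check, the line-level coverage metric, and the mutation strategy are all assumptions made for this example; real fuzzers use compiled-in edge counters rather than `sys.settrace`, which is exactly the instrumentation that proprietary targets make expensive to port.

```python
"""Minimal coverage-guided fuzz loop (added illustration, not the paper's code).

Coverage feedback here = the set of source lines of target() that executed.
A mutated input is kept in the corpus only if it executes a line that no
earlier input did; without that feedback the corpus never advances.
"""
import random
import sys


def target(data: bytes) -> int:
    # Constructed toy target: four nested byte checks guard a crash, the classic
    # shape that blind random input almost never reaches (1 in 2**32 per try).
    depth = 0
    if len(data) > 0 and data[0] == ord("F"):
        depth = 1
        if len(data) > 1 and data[1] == ord("U"):
            depth = 2
            if len(data) > 2 and data[2] == ord("Z"):
                depth = 3
                if len(data) > 3 and data[3] == ord("Z"):
                    raise RuntimeError("simulated crash")  # the "bug"
    return depth


def run_with_coverage(data: bytes):
    """Execute target(data); return (frozenset of executed line numbers, crashed?)."""
    executed = set()

    def tracer(frame, event, arg):
        if frame.f_code is target.__code__:
            if event == "line":
                executed.add(frame.f_lineno)
            return tracer  # keep tracing inside target's frame
        return None

    crashed = False
    sys.settrace(tracer)
    try:
        target(data)
    except RuntimeError:
        crashed = True
    finally:
        sys.settrace(None)
    return frozenset(executed), crashed


def mutate(rng: random.Random, data: bytes) -> bytes:
    """One random mutation: overwrite a byte, or (20% of the time) append one."""
    buf = bytearray(data)
    if not buf or rng.random() < 0.2:
        buf.append(rng.randrange(256))
    else:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)


def fuzz(seed: int = 0, max_iters: int = 200_000, guided: bool = True) -> dict:
    """Fuzz target(). With guided=False no input is ever added to the corpus,
    so every child is a one-byte mutation of the seed (no feedback at all)."""
    rng = random.Random(seed)
    corpus = [b"\x00\x00\x00\x00"]
    first_cov, _ = run_with_coverage(corpus[0])
    seen_lines = set(first_cov)
    for i in range(1, max_iters + 1):
        child = mutate(rng, rng.choice(corpus))
        cov, crashed = run_with_coverage(child)
        if crashed:
            return {"iterations": i, "crash_input": child, "corpus": corpus}
        if guided and not cov <= seen_lines:
            seen_lines |= cov  # reached a new line: this input is worth keeping
            corpus.append(child)
    return {"iterations": max_iters, "crash_input": None, "corpus": corpus}


if __name__ == "__main__":
    g = fuzz(seed=1)
    print("guided: crash after", g["iterations"], "iterations, input",
          g["crash_input"], "corpus size", len(g["corpus"]))
    b = fuzz(seed=1, guided=False, max_iters=20_000)
    print("blind: crash input after", b["iterations"], "iterations:", b["crash_input"])
```

The guided run climbs the check chain one byte at a time because each newly satisfied comparison executes lines the corpus had not seen, so the input that passed it is retained and mutated further; the expected cost is on the order of a few thousand executions. The blind run can never reach the second check from single-byte mutations of the seed, which is the situation the abstract describes for a proprietary target where no coverage signal can be extracted from the device.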
ISSN:2076-3417
DOI:10.3390/app14135939