Cited 0 time in
AIMFuzz: Automated Function-Level In-Memory Fuzzing on Binaries
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Kim, TaeWook | - |
| dc.contributor.author | Hong, Sukhyun | - |
| dc.contributor.author | Cho, Yeongpil | - |
| dc.date.accessioned | 2024-11-28T08:36:12Z | - |
| dc.date.available | 2024-11-28T08:36:12Z | - |
| dc.date.issued | 2024-07 | - |
| dc.identifier.issn | 0000-0000 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/195386 | - |
| dc.description.abstract | In-memory fuzzing, designed to perform direct mutation on memory contents, has gained attention as a technique that enables intensive, efficient testing. To facilitate this fuzzing technique, identifications of mutable buffers, which will be subject to mutation, and fuzzing target functions should be preceded. So far, these identifications have been relied on manual efforts with source code available. Unfortunately, such manual identifications are challenging on binary-only programs due mainly to loss of source-level information during compilation. To address this difficulty, this paper proposes AIMFuzz that supports in-memory fuzzing on binary programs at function level. AIMFuzz largely consists of two stages: the analysis stage that identifies mutable buffers and prioritizes fuzzing target functions based on dynamic taint tracking, and the fuzzing stage that tests the designated target functions by injecting mutated inputs through the identified mutable buffers. Noteworthily, these two stages are carried out automatically, eliminating daunting manual efforts for the binary. Our evaluation results demonstrate that AIMFuzz successfully detects bugs on real applications. AIMFuzz shows great effectiveness in testing selected target functions efficiently and thoroughly, and also comparable performance to the state-of-the-art implementation of in-memory fuzzing with better usability thanks to its automated analysis and testing. | - |
| dc.format.extent | 13 | - |
| dc.language | 영어 | - |
| dc.language.iso | ENG | - |
| dc.publisher | Association for Computing Machinery, Inc | - |
| dc.title | AIMFuzz: Automated Function-Level In-Memory Fuzzing on Binaries | - |
| dc.type | Article | - |
| dc.identifier.doi | 10.1145/3634737.3644996 | - |
| dc.identifier.scopusid | 2-s2.0-85199311804 | - |
| dc.identifier.wosid | 001283918100106 | - |
| dc.identifier.bibliographicCitation | ACM AsiaCCS 2024 - Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, pp 1510 - 1522 | - |
| dc.citation.title | ACM AsiaCCS 2024 - Proceedings of the 19th ACM Asia Conference on Computer and Communications Security | - |
| dc.citation.startPage | 1510 | - |
| dc.citation.endPage | 1522 | - |
| dc.type.docType | Proceedings Paper | - |
| dc.description.isOpenAccess | N | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalResearchArea | Telecommunications | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Interdisciplinary Applications | - |
| dc.relation.journalWebOfScienceCategory | Telecommunications | - |
| dc.subject.keywordPlus | Program debugging | - |
| dc.subject.keywordAuthor | automation | - |
| dc.subject.keywordAuthor | binary | - |
| dc.subject.keywordAuthor | fuzzing | - |
| dc.subject.keywordAuthor | in-memory fuzzing | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
222, Wangsimni-ro, Seongdong-gu, Seoul, 04763, Korea+82-2-2220-1366
COPYRIGHT © 2024 HANYANG UNIVERSITY.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.
