2022
DOI: 10.1155/2022/1505842
|View full text |Cite
|
Sign up to set email alerts
|

GSA-Fuzz: Optimize Seed Mutation with Gravitational Search Algorithm

Abstract: Mutation-based fuzzing is currently one of the most effective techniques to discover software vulnerabilities. It relies on mutation strategies to generate interesting seeds. As a state-of-the-art mutation-based fuzzer, AFL follows a mutation strategy with high randomization, which uses randomly selected mutation operators to mutate seeds at random offsets. Its strategy may ignore some efficient mutation operators and mutation positions. Therefore, in this paper, we propose a solution named GSA-Fuzz to improve… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1

Citation Types

0
3
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
3

Relationship

2
1

Authors

Journals

citations
Cited by 3 publications
(3 citation statements)
references
References 40 publications
0
3
0
Order By: Relevance
“…DAFuzz follows the same approach. CGF fuzzers have successfully been used to discover many vulnerabilities ( Zalewski, 2017 ; Google Security Team, 2018 ), and become popular in both the security industry ( Zalewski, 2017 ; Honggfuzz, 2023 ; libFuzzer, 2023 ; Fioraldi et al, 2020 ; Google Security Team, 2018 ) and academia ( Böhme, Pham & Roychoudhury, 2016 ; Lemieux & Sen, 2018 ; Gan et al, 2018 ; Lyu et al, 2019 ; Pham, Böhme & Roychoudhury, 2020 ; Aschermann et al, 2020 ; Yue et al, 2020 ; Wang, Song & Yin, 2021 ; Lin et al, 2022 ; Fioraldi, Maier & Balzarotti, 2022 ).…”
Section: Related Workmentioning
confidence: 99%
“…DAFuzz follows the same approach. CGF fuzzers have successfully been used to discover many vulnerabilities ( Zalewski, 2017 ; Google Security Team, 2018 ), and become popular in both the security industry ( Zalewski, 2017 ; Honggfuzz, 2023 ; libFuzzer, 2023 ; Fioraldi et al, 2020 ; Google Security Team, 2018 ) and academia ( Böhme, Pham & Roychoudhury, 2016 ; Lemieux & Sen, 2018 ; Gan et al, 2018 ; Lyu et al, 2019 ; Pham, Böhme & Roychoudhury, 2020 ; Aschermann et al, 2020 ; Yue et al, 2020 ; Wang, Song & Yin, 2021 ; Lin et al, 2022 ; Fioraldi, Maier & Balzarotti, 2022 ).…”
Section: Related Workmentioning
confidence: 99%
“…Usually, researchers enhance fuzzing techniques by focusing on optimizing either the seed mutation strategy or the seed selection strategy. In the context of seed mutation strategy optimization, several approaches have been explored, such as those presented in [4,12,[23][24][25][26][27][28][29]. These methods aim to identify the most effective mutation techniques and the appropriate positions for seed mutations during the fuzzing process.…”
Section: General Fuzzingmentioning
confidence: 99%
“…In the context of security testing, MAS can enable coordinated efforts among agents to explore different parts of the software system simultaneously, leading to a more comprehensive vulnerability detection [8]. By leveraging MAS in DRL fuzzing, researchers aim to improve the scalability and efficiency of security testing processes [9]. This review aims to provide a comprehensive overview of the advancements in smart contract security through the integration of multi-agent DRL fuzzing techniques.…”
Section: Introductionmentioning
confidence: 99%