Fuzzing is a vulnerability mining approach with high execution speed, but it lacks data-flow and program-state information, which makes it difficult to pass complex branching conditions. The FTI (Fuzzing-based Taint Inference) method proposed by GreyOne is lightweight, and has faster execution speed and lower execution-environment requirements than traditional taint analysis based on taint propagation. FTI can identify the critical bytes of the input that correspond to branching conditions and mutate those bytes, which can effectively pass complex branching conditions and improve the mutation efficiency of fuzz testing. In this paper, we propose a fine-grained mutation strategy based on critical bytes. We identify the critical bytes in the input by FTI and apply a fine-grained mutation strategy to them, including input states corresponding to the critical bytes, linear search, and random mutation, so that we can pass more branching constraints and eventually improve the coverage rate. Experimental results show that our method increases edge coverage by 9% compared to AFL++, effectively improving the ability of fuzzing to pass complex branching conditions.
Fuzzing is a technique that detects vulnerabilities in target programs by generating testcases in the random mutation phase. However, for path constraints such as magic numbers in the program, the random mutation phase can easily generate a large number of invalid testcases that neither produce new code coverage nor trigger new crashes, resulting in low code coverage for fuzzing. In this paper, we first investigate the random mutation process of fuzzing and find that 1) dictionaries help to improve the code coverage of fuzzing and 2) the random mutation stage generates a large number of invalid testcases because of its randomness. We then propose a novel method called Dict-MAB (Dictionary and Multi-Armed Bandit). Dict-MAB improves the code coverage of fuzzing by reducing the number of invalid testcases generated during random mutation. Specifically, the extracted proprietary dictionary helps fuzzing pass complex path constraints such as magic numbers, while modeling the random mutation phase as a multi-armed bandit model reduces the randomness of this phase and the number of invalid testcases generated. Experiments show that the number of valid testcases generated by Dict-MAB improves by 27.49% on average. In particular, code coverage on lcms and libjpeg improves by 13.71% on average.
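As an added illustration (not the papers' own code), the bandit idea from the Dict-MAB abstract applied to a constructed target with one magic-number branch: each mutation operator (random byte write vs. dictionary-token overwrite) is one arm of a UCB1 bandit, and an arm is rewarded only when its child reaches edges not seen before, i.e. when it produced a "valid" testcase. The target function, the dictionary token `SPIE`, the operator names and the edge labels are all constructed assumptions.

```python
import math
import random

MAGIC = b"SPIE"          # constructed magic-number constraint, as in the abstract
DICTIONARY = [MAGIC]     # stands in for the "extracted dictionary"
def target_edges(data):  # constructed target: the branch edges an input reaches
    edges = {"entry"}
    if data[:4] == MAGIC:                     # hard for random byte writes to hit
        edges.add("magic_ok")
        if len(data) > 4 and data[4] != 0:    # easy once the magic is in place
            edges.add("deep")
    return edges
def mut_random_byte(data, rng):
    i = rng.randrange(len(data))
    return data[:i] + bytes([rng.randrange(256)]) + data[i + 1:]
def mut_dict_overwrite(data, rng):
    tok = rng.choice(DICTIONARY)
    i = rng.randrange(max(1, len(data) - len(tok) + 1))
    return data[:i] + tok + data[i + len(tok):]
ARMS = {"random_byte": mut_random_byte, "dict_overwrite": mut_dict_overwrite}

class UCB1:
    # one arm per mutation operator; reward 1 when the child reaches new edges
    def __init__(self, arms):
        self.pulls = {a: 0 for a in arms}
        self.reward = {a: 0.0 for a in arms}
    def select(self):
        for a, n in self.pulls.items():
            if n == 0:
                return a                      # play every arm once first
        t = sum(self.pulls.values())
        return max(self.pulls, key=lambda a: self.reward[a] / self.pulls[a]
                   + math.sqrt(2 * math.log(t) / self.pulls[a]))
    def update(self, arm, r):
        self.pulls[arm] += 1
        self.reward[arm] += r

def fuzz(seed=b"\x00" * 8, iterations=1000, rng_seed=1):
    # returns (covered edges, pulls per arm, number of coverage-increasing children)
    rng, bandit = random.Random(rng_seed), UCB1(ARMS)
    covered, queue, valid = set(target_edges(seed)), [seed], 0
    for _ in range(iterations):
        arm = bandit.select()
        child = ARMS[arm](rng.choice(queue), rng)
        new = target_edges(child) - covered
        if new:                               # a "valid" testcase in the abstract's sense
            covered |= new
            queue.append(child)
            valid += 1
        bandit.update(arm, 1.0 if new else 0.0)
    return covered, bandit.pulls, valid
```

Running `fuzz()` shows the dictionary arm is what gets past the magic check, after which the cheap random-byte arm finds the branch behind it; the bandit keeps pulling whichever arm last paid off, which is the effect the abstract reports as fewer invalid testcases.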