Structure-aware Hybrid Fuzzing (Bachelor Thesis, Ongoing)


Luc Heitz


Fuzzing is a state-of-the-art technique for detecting bugs and vulnerabilities in software. However, conventional fuzzing tools struggle to reach full test coverage. Hybrid fuzzing, which combines fuzzing with symbolic execution, addresses this issue, but existing hybrid tools are often slow or cannot handle situations such as forks or threads in the target program. This thesis aims to advance hybrid fuzzing to overcome these limitations through more efficient symbolic tracing, program transformation, or bounded model checking (BMC). The results will be evaluated on the DARPA Cyber Grand Challenge data set as well as on a LAVA data set, and compared against state-of-the-art fuzzers (afl, honggfuzz) and state-of-the-art hybrid fuzzers (e.g. Driller).

Start / End Dates

2022/08/15 - 2022/12/14