Andrea Fioraldi (EURECOM), Alessandro Mantovani (EURECOM), Dominik Maier (TU Berlin), Davide Balzarotti (EURECOM)

AFL is one of the most used and extended fuzzing projects, adopted by industry and academic researchers alike. While the community agrees on AFL’s effectiveness at discovering new vulnerabilities and at its outstanding usability, many of its internal design choices remain untested to date. Security practitioners often clone the project “as-is” and use it as a starting point to develop new techniques, usually taking everything under the hood for granted. Instead, we believe that a careful analysis of the different parameters could help modern fuzzers to improve their performance and explain how each choice can affect the outcome of security testing, either negatively or positively.

The goal of this paper is to provide a comprehensive understanding of the internal mechanisms of AFL by performing experiments and comparing different metrics used to evaluate fuzzers. This will prove the efficacy of some patterns and clarify which aspects are instead outdated. To achieve this, we set up nine unique experiments that we carried out on the popular Fuzzbench platform. Each test focuses on a different aspect of AFL, ranging from its mutation approach to the feedback encoding scheme and the scheduling methodologies.

Our preliminary findings show that each design choice affects different factors of AFL. While some of these are positively correlated with the number of detected bugs or the target coverage, other features are related to usability and reliability. Most important, the outcome of our experiments will indicate which parts of AFL we should preserve in modern fuzzers.

View More Papers

Chhoyhopper: A Moving Target Defense with IPv6

A S M Rizvi (University of Southern California/Information Sciences Institute) and John Heidemann (University of Southern California/Information Sciences Institute)

Read More

Chosen-Instruction Attack Against Commercial Code Virtualization Obfuscators

Shijia Li (College of Computer Science, NanKai University and the Tianjin Key Laboratory of Network and Data Security Technology), Chunfu Jia (College of Computer Science, NanKai University and the Tianjin Key Laboratory of Network and Data Security Technology), Pengda Qiu (College of Computer Science, NanKai University and the Tianjin Key Laboratory of Network and Data…

Read More

Too Afraid to Drive: Systematic Discovery of Semantic DoS...

Ziwen Wan (University of California, Irvine), Junjie Shen (University of California, Irvine), Jalen Chuang (University of California, Irvine), Xin Xia (The University of California, Los Angeles), Joshua Garcia (University of California, Irvine), Jiaqi Ma (The University of California, Los Angeles), Qi Alfred Chen (University of California, Irvine)

Read More