Proj THUDBFuzz Paper Reading: Coverage-based Greybox Fuzzing as Markov Chain

AFLFast

Premise: most test inputs exercise the same few "high-frequency" paths, so spending more of them there yields no further gain.
This paper: AFLFast
Method: a strategy that steers the fuzzer toward low-frequency paths, so the same number of test inputs explores more paths. It adds a power schedule on top of AFL.
Experiments:
In 24 hours, AFLFast exposes 3 previously unreported CVEs that are not exposed by AFL and exposes 6 previously unreported CVEs 7x faster than AFL. AFLFast produces at least an order of magnitude more unique crashes than AFL.
https://github.com/mboehme/aflfast
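Added example (not code from this post or from the AFLFast project): a toy simulation of the power-schedule idea above. It implements the paper's FAST schedule, p(i) = min(alpha(i)/beta * 2^s(i) / f(i), M), beside a flat AFL-style assignment, on a constructed two-seed corpus; the constants, path names and the simplification that every generated input exercises its seed's own path are assumptions of this example.

```python
M = 16.0      # energy cap M per seed per round (assumed constant for the example)
ALPHA = 8.0   # alpha(i): AFL's baseline energy for seed i, assumed constant here
BETA = 1.0    # beta: constant divisor, assumed 1

def afl_energy(seed, path_freq, seed_picks):
    """Vanilla AFL: energy does not depend on how often the seed's path was seen."""
    return ALPHA

def fast_energy(seed, path_freq, seed_picks):
    """AFLFast FAST schedule: p(i) = min(alpha(i)/beta * 2^s(i) / f(i), M), where
    f(i) = number of generated inputs that exercised seed i's path and
    s(i) = number of times seed i has been chosen from the queue."""
    f = path_freq[seed["path"]]
    s = seed_picks.get(seed["id"], 0)
    return min(ALPHA / BETA * (2 ** s) / f, M)

def simulate(energy_fn, seeds, initial_freq, rounds):
    """Round-robin over the queue; each round a seed is fuzzed energy_fn(...) times.
    Simplification (assumed): every input generated from a seed exercises that
    seed's own path, so fuzzing a seed raises f of its path and s of the seed.
    Returns the total energy spent per path."""
    path_freq = dict(initial_freq)
    seed_picks = {}
    spent = {}
    for _ in range(rounds):
        for seed in seeds:
            energy = energy_fn(seed, path_freq, seed_picks)
            seed_picks[seed["id"]] = seed_picks.get(seed["id"], 0) + 1
            path_freq[seed["path"]] += energy
            spent[seed["path"]] = spent.get(seed["path"], 0.0) + energy
    return spent

# Constructed corpus: a "hot" seed whose path 1000 inputs already exercised, and a
# "cold" seed whose path has been exercised only twice.
SEEDS = [{"id": "hot", "path": "path_high_freq"}, {"id": "cold", "path": "path_low_freq"}]
INITIAL_FREQ = {"path_high_freq": 1000, "path_low_freq": 2}

if __name__ == "__main__":
    for name, fn in (("AFL (flat)", afl_energy), ("AFLFast FAST", fast_energy)):
        print(name, simulate(fn, SEEDS, INITIAL_FREQ, rounds=5))
```

With the flat schedule both paths receive the same budget; with FAST the cold path receives far more energy than the hot one, which is the bias toward low-frequency paths the post describes.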

posted @ 2021-04-18 15:29 雪溯