Improving AFL++ CmpLog: Tackling the Bottlenecks
conference paper
The performance of the AFL++ CmpLog feature varies considerably between specific programs under test (PUTs). This paper shows that the main causes of the poor performance are low seed entropy and a lack of deduplication of magic-byte candidates. As a first improvement, comparisons are mapped to input bytes in order to track which comparisons are controlled by which input bytes; this mapping is then used to fuzz only the comparison values that are magic-byte candidates for that part of the input. Second, a caching mechanism is introduced to reduce the number of redundant executions. The evaluation of the improved versions shows a significant coverage gain over the original AFL++ implementation of CmpLog for all PUTs, without breaking functionality. The proposed solution provides a solid basis for a redesign of CmpLog. (C) 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
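The two mechanisms the abstract describes, shown as an added, constructed example that is not code from the paper or from AFL++: a simulated PUT logs every comparison as (site, input-derived operand, constant), the search patches constants into the input the way CmpLog does, and the two switches `mapped` and `cached` turn on a comparison-to-input-byte mapping and an (offset, candidate) cache. The PUT, the all-zero seed, the byte-flip heuristic used to derive the mapping, and the function names are all assumptions of this example; the paper's own tracking technique is not reproduced.

```python
"""Toy model of the CmpLog improvement described in the abstract: comparisons are
mapped to the input bytes that control them, candidate magic bytes are patched
only there, and a cache skips (offset, candidate) pairs already executed.
Constructed example; the PUT, the byte-flip mapping heuristic and the search
loop are this example's own simplifications, not the paper's or AFL++'s code."""
import struct

TAG_SUM = 0x0104  # sum of four 'A' bytes; only the tag loop below can satisfy it


def put(data: bytes):
    """Simulated program under test. Returns (coverage, comparison log); each log
    entry is (site, input-derived operand, constant operand), which is what a
    CmpLog-style instrumentation records for every executed comparison."""
    cov, log = {"entry"}, []
    if len(data) < 16:
        return cov, log
    # Checksum-style compare: the constant never occurs in the input and patching
    # it in never helps, so every candidate it yields is a wasted execution.
    csum = sum(data[8:12]) & 0xFFFF
    log.append(("csum", struct.pack("<H", csum), struct.pack("<H", TAG_SUM)))
    if csum == TAG_SUM:
        cov.add("csum_ok")
    log.append(("hdr", data[0:4], b"FUZZ"))
    if data[0:4] == b"FUZZ":
        cov.add("hdr_ok")
    log.append(("trailer", data[12:16], b"END!"))
    if data[12:16] == b"END!":
        cov.add("trailer_ok")
    if "hdr_ok" in cov and "trailer_ok" in cov:
        # One comparison site hit once per byte; each passed iteration counts as
        # new coverage, in the spirit of AFL's hit-count buckets.
        for i in range(8, 12):
            log.append(("tag", data[i:i + 1], b"A"))
            if data[i] != ord("A"):
                break
            cov.add(("tag", i))
    return cov, log


def controlling_bytes(seed: bytes, base_log):
    """Map each logged comparison (by log index) to the input offsets that control
    its operand, by flipping one byte at a time and watching which operands change.
    Assumed heuristic for this example; it costs one execution per input byte."""
    mapping = {idx: set() for idx in range(len(base_log))}
    for off in range(len(seed)):
        mutated = bytearray(seed)
        mutated[off] ^= 0xFF
        _, log = put(bytes(mutated))
        for idx, ((site, inp, _), (bsite, binp, _)) in enumerate(zip(log, base_log)):
            if site == bsite and inp != binp:
                mapping[idx].add(off)
    return mapping, len(seed)


def solve(seed: bytes, mapped: bool, cached: bool, max_rounds: int = 32):
    """CmpLog-style search: for each unsatisfied comparison, patch its constant into
    the input and keep the patch when it reaches new coverage.
    mapped=False patches at every position where the operand occurs (with a
    low-entropy seed that is almost everywhere); mapped=True patches only at the
    controlling offsets; cached=True skips (offset, constant) pairs already run.
    Returns (coverage, candidate executions, mapping executions)."""
    cur = bytes(seed)
    cov, log = put(cur)
    execs, map_execs = 1, 0
    tried = set()
    for _ in range(max_rounds):
        mapping, adopted = None, None
        for idx, (site, inp, const) in enumerate(log):
            if inp == const:
                continue
            if mapped:
                if mapping is None:
                    mapping, cost = controlling_bytes(cur, log)
                    map_execs += cost
                offs = mapping[idx]
                # Assumes the operand is laid out contiguously from its lowest
                # controlling offset, which holds for this PUT.
                cands = [min(offs)] if offs else []
            else:
                cands = [o for o in range(len(cur) - len(inp) + 1)
                         if cur[o:o + len(inp)] == inp]
            for off in cands:
                key = (off, const)
                if cached and key in tried:
                    continue  # duplicate magic-byte candidate: already executed
                tried.add(key)
                candidate = cur[:off] + const + cur[off + len(const):]
                ncov, nlog = put(candidate)
                execs += 1
                if ncov - cov:
                    adopted = (candidate, ncov, nlog)
                    break
            if adopted:
                break
        if adopted is None:
            break
        cur, cov, log = adopted
    return cov, execs, map_execs


if __name__ == "__main__":
    seed = bytes(16)  # constructed low-entropy seed: all zeros
    for mapped, cached in ((False, False), (False, True), (True, False), (True, True)):
        cov, execs, mexecs = solve(seed, mapped, cached)
        print(f"mapped={mapped!s:5} cached={cached!s:5} candidate execs={execs:3d} "
              f"mapping execs={mexecs:3d} coverage points={len(cov)}")
```

All four configurations reach the same final coverage; the difference is the number of candidate executions spent getting there. With the all-zero seed the operand `00 00` occurs at almost every offset, so the unmapped search patches the checksum constant into fifteen positions before it even looks at the header, and without the cache it repeats those attempts in every later round. The mapping's own cost is reported separately because this toy derives it by single-byte flips; how the paper tracks controlling bytes is not reproduced here.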
TNO Identifier
989623
ISSN
23673370
ISBN
9783031379628
Publisher
Springer Science and Business Media Deutschland GmbH
Source title
Lecture Notes in Networks and Systems
Editor(s)
Arai K.
Pages
1419-1437
Files
To receive the publication files, please send an e-mail request to TNO Repository.