Collaborative Research: SaTC: CORE: Small: Self-Driving Continuous Fuzzing

协作研究：SaTC：核心：小型：自驱动连续模糊测试

• 批准号: 2247880
• 负责人: Ardalan Amiri Sani
• 金额: $ 30万
• 依托单位: University of California-Irvine
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-08-01 至 2026-07-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2247880&HistoricalAwards=false
• 关键词: Collaborative; Research; SaTC; CORE; Small

Continuous fuzzing is an emerging software testing paradigm that has gained significant traction in recent years. In this paradigm, a fuzzer is applied 24/7 to a piece of software as it is being developed/updated, hoping that the fuzzer can find the software bugs as soon as possible. It has been shown to be effective in finding bugs in large and complex pieces of software such as the Linux kernel, e.g., finding thousands of bugs and vulnerabilities in the past few years. Despite its perceived success, this project identifies an important limitation in today’s continuous fuzzing: a significant delay in finding a bug. This is fundamentally due to the lack of built-in features to make adjustments/improvements and be aware of its performance over time in general. We refer to this ability as “self-drive”. We argue that this is a critical ability because continuous fuzzing (1) by design needs to support the rapidly changing fuzzing target (under development) and (2) invests a large amount of resources and should use them effectively. The project further finds that (1) the first part of this delay is because the continuous fuzzer is initially incapable of finding some bugs, and (2) the second part of this delay is because the continuous fuzzer fails to use its resources effectively to find the bugs that it is already capable of finding. The successful completion of the project will enable continuous fuzzing to find bugs and vulnerabilities faster. Consequently, the project will help improve the quality of software systems tested with continuous fuzzing, which ultimately benefits society and the economy at large. This project investigates two research thrusts to address the aforementioned limitation. The goal of the first thrust is to improve the capability of the continuous fuzzer to find bugs that it could not find before. More specifically, it develops the capability of continuous generation and refinement of software interface descriptions. It investigates novel methods that combine various analysis techniques to overcome the challenge of analyzing a large-scale piece of software, providing the ability of self-correction and better precision and scalability. The goal of the second thrust is to enable the continuous fuzzer to find the bugs that it is capable of finding faster. This thrust investigates a scheduler for the continuous fuzzer. The goal of the scheduler is to optimize the use of existing resources of a continuous fuzzer to adequately fuzz all the interfaces of a given piece of software. It also explores a resource planning strategy for the continuous fuzzer to dynamically and automatically adjust the amount of resources available to it to achieve acceptable performance in terms of bug-finding delay.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

连续模糊是一种新兴的软件测试范式，近年来已获得了大量的吸引力。在此范式中，在开发/更新时将模糊器24/7全天候应用于一块软件，希望Fuzzer能够尽快找到软件错误。它已被证明可以有效地在大型软件中查找错误，例如Linux内核，例如在过去几年中查找数千个错误和漏洞。尽管获得了成功，但该项目还是确定了当今持续模糊的重要限制：寻找错误的重大延迟。从根本上讲，这是由于缺乏内置功能来进行调整/改进，并且一般来说，其表现。我们将这种能力称为“自动驱动”。我们认为这是一种关键的能力，因为设计的连续模糊（1）需要支持快速变化的模糊目标（正在开发），并且（2）投资大量资源，并应有效地使用它们。该项目进一步发现，（1）此延迟的第一部分是因为连续的Fuzzer最初无法找到某些错误，并且（2）此延迟的第二部分是因为连续的Fuzzer无法有效地使用其资源来找到已经能够找到它已经能够找到的错误。该项目的成功完成将使连续模糊能够更快地发现错误和漏洞。因此，该项目将有助于提高通过连续模糊测试的软件系统的质量，最终使社会和整个经济受益。该项目研究了两项研究，以解决Priore限制。第一个推力的目的是提高连续模糊器的能力，以找到以前找不到的错误。更具体地说，它发展了软件接口描述的连续生成和完善的能力。它研究了新的方法，这些方法结合了各种分析技术，以克服大型软件的挑战，提供自我纠正的能力以及更好的精度和可扩展性。第二个推力的目的是使连续的模糊器能够找到能够更快地找到的错误。该推力调查了连续绒毛的调度程序。调度程序的目的是优化连续模糊器的现有资源的使用，以充分地模糊给定软件的所有接口。它还探索了连续fuzzer的资源计划策略，以动态，自动调整可用的资源数量，以在发现漏洞延迟方面实现可接受的绩效。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的知识分子优点和更广泛影响的审查标准来通过评估来获得支持的。