Collaborative Research: SaTC: CORE: Small: Self-Driving Continuous Fuzzing
University Of California-Riverside, Riverside CA
Abstract
Continuous fuzzing is an emerging software testing paradigm that has gained significant traction in recent years. A fuzzer runs 24/7 against a piece of software while that software is being developed and updated, so that bugs are found as soon as possible after they are introduced. The approach has proved effective on large and complex software such as the Linux kernel, where it has found thousands of bugs and vulnerabilities in the past few years. Despite this success, this project identifies an important limitation of today's continuous fuzzing: a significant delay between a bug becoming reachable and the fuzzer finding it. The root cause is that current continuous fuzzers have no built-in means of monitoring their own performance over time and adjusting or improving themselves accordingly; we refer to a fuzzer with this ability as "self-driving". The ability is critical because a continuous fuzzer (1) by design must keep up with a fuzzing target that changes rapidly as it is developed, and (2) consumes a large amount of computing resources and should use them effectively. The project further finds that the delay has two parts: (1) the continuous fuzzer is initially incapable of finding some bugs at all, and (2) it fails to use its resources effectively to find the bugs that it is already capable of finding. The successful completion of the project will enable continuous fuzzing to find bugs and vulnerabilities faster and thereby improve the quality of software systems tested with it, which ultimately benefits society and the economy at large.

This project investigates two research thrusts to address this limitation. The first thrust aims to make the continuous fuzzer capable of finding bugs that it could not find before. Specifically, it develops the continuous generation and refinement of software interface descriptions, the specifications of what inputs each interface accepts, without which a fuzzer cannot exercise that interface at all. It investigates novel methods that combine various analysis techniques to cope with a large-scale piece of software, so that the descriptions can be corrected over time with better precision and scalability. The second thrust aims to make the continuous fuzzer find the bugs it is already capable of finding faster. It investigates a scheduler whose goal is to use the fuzzer's existing resources so that all the interfaces of a given piece of software are adequately fuzzed, rather than some being neglected while others absorb most of the effort. It also explores a resource planning strategy that lets the continuous fuzzer dynamically and automatically adjust the amount of resources available to it in order to achieve an acceptable bug-finding delay.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
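The second thrust's scheduling problem, as an added illustration that is not the project's code or design: a fixed per-cycle execution budget is re-divided across interfaces from the new coverage each one yielded in the previous cycle, every interface keeps a minimum share so none is starved, and an interface whose description changed since the last cycle is scored like the current best performer so the fuzzer re-examines it promptly. The interface names, the diminishing-returns coverage model, the 10% floor and the change-boost rule are all constructed for this simulation; a real continuous fuzzer would feed in observed coverage deltas instead.

```python
"""Toy budget scheduler for the interfaces of a continuous fuzzer.

Added illustration, not the project's code. Assumes a fuzzer that reports, per
interface (e.g. a system call), how many new coverage edges the last slice of
executions found. The coverage model below (diminishing returns per interface)
is invented for the simulation; interface names and numbers are constructed.
"""
from dataclasses import dataclass


@dataclass
class Interface:
    name: str
    reachable: int               # simulation ground truth: edges reachable via this interface
    rate: float                  # per-execution chance of hitting any given uncovered edge
    covered: float = 0.0
    gain_per_exec: float = 0.0   # new edges per execution observed in the last cycle
    changed: bool = False        # interface description updated since the last cycle


def run_slice(iface: Interface, execs: int) -> float:
    """Simulate `execs` executions against one interface; returns new edges found."""
    if execs <= 0:
        iface.gain_per_exec = 0.0
        return 0.0
    remaining = iface.reachable - iface.covered
    new = remaining * (1.0 - (1.0 - iface.rate) ** execs)
    iface.covered += new
    iface.gain_per_exec = new / execs
    return new


def uniform_plan(ifaces, budget: int) -> dict:
    """Baseline: split the budget evenly regardless of what each interface yields."""
    share, extra = divmod(budget, len(ifaces))
    return {f.name: share + (1 if i < extra else 0) for i, f in enumerate(ifaces)}


def adaptive_plan(ifaces, budget: int, floor_fraction: float = 0.1) -> dict:
    """Re-divide the budget from recent gains while keeping a floor for every interface."""
    floor = max(1, round(budget * floor_fraction / len(ifaces)))   # assumed 10% floor, shared
    plan = {f.name: floor for f in ifaces}
    remainder = budget - floor * len(ifaces)

    best = max(f.gain_per_exec for f in ifaces)
    # Assumed policy: a changed interface is scored like the current best performer.
    scores = {f.name: (best if f.changed else f.gain_per_exec) for f in ifaces}
    total = sum(scores.values())
    if total == 0.0:            # no history yet (first cycle): behave like the baseline
        even, extra = divmod(remainder, len(ifaces))
        for i, f in enumerate(ifaces):
            plan[f.name] += even + (1 if i < extra else 0)
        return plan

    handed_out = 0
    for f in ifaces:
        share = int(remainder * scores[f.name] / total)
        plan[f.name] += share
        handed_out += share
    # Rounding leftovers go to the highest-scoring interface.
    top = max(ifaces, key=lambda f: scores[f.name]).name
    plan[top] += remainder - handed_out
    return plan


def make_targets():
    """Constructed workload: one large slow interface, one small fast one, one medium."""
    return [
        Interface("ioctl_a", reachable=5000, rate=0.001),
        Interface("read_b", reachable=500, rate=0.01),
        Interface("mmap_c", reachable=2000, rate=0.0005),
    ]


def simulate(planner, cycles: int = 3, budget: int = 900) -> float:
    """Run `cycles` scheduling rounds with `planner`; returns total edges covered."""
    ifaces = make_targets()
    total = 0.0
    for _ in range(cycles):
        plan = planner(ifaces, budget)
        for f in ifaces:
            total += run_slice(f, plan[f.name])
            f.changed = False       # the change has now been reacted to
    return total


if __name__ == "__main__":
    print(f"uniform : {simulate(uniform_plan):.0f} edges covered")
    print(f"adaptive: {simulate(adaptive_plan):.0f} edges covered")
```

With this workload the even split keeps pouring executions into `read_b` after it has saturated, while the adaptive plan moves that effort to `ioctl_a`, whose coverage is still growing; the floor guarantees that `mmap_c` is still exercised every cycle even though it yields the least. The one-cycle lag in the gain estimate is deliberate: the scheduler only ever acts on what the fuzzer has actually observed.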