Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Learn about ELFuzz, a novel approach that automatically synthesizes generation-based fuzzers using Large Language Model-driven synthesis over fuzzer space in this 16-minute conference presentation from USENIX Security '25. Discover how this innovative method addresses the significant manual effort required to construct input grammar specifications and semantic constraints for generation-based fuzzing by starting with minimal seed fuzzers and employing fully automated LLM-driven evolution with coverage guidance. Explore the system's ability to seamlessly scale to real-world systems with up to 1.7 million lines of code while synthesizing efficient fuzzers that capture interesting grammatical structures and semantic constraints in human-understandable ways. Examine evaluation results demonstrating ELFuzz's superior performance, achieving up to 434.8% more coverage and triggering up to 174.0% more artificially injected bugs compared to manually written specifications and state-of-the-art approaches. Review findings from a 14-day real-world fuzzing campaign on the newest version of cvc5 that discovered five 0-day bugs, three of which were exploitable, and understand how ablation studies reveal the fuzzer space model as the key component contributing up to 62.5% of ELFuzz's effectiveness.
