Overview
Learn about IDFuzz, an intelligent directed grey-box fuzzing technique that revolutionizes software vulnerability testing through neural network-guided input mutation strategies. Discover how this innovative approach addresses the inefficiencies of existing directed fuzzers that rely on randomness and empiricism from AFL-based strategies. Explore the key insight of leveraging neural network models to learn from historically mutated inputs and extract valuable experience for guiding input mutation toward target code. Understand the novel techniques in model construction and training that enable effective coverage of both explored and unexplored code relevant to testing targets. Examine the refined model gradient-guided scheme that identifies critical input fields and develops sophisticated directed input mutation strategies. Review comprehensive evaluation results showing IDFuzz's ability to accelerate existing directed fuzzers by over 2.48x in reproducing target vulnerabilities on the Google Fuzzer Test Suite while reducing ineffective mutations by 91.86%. Learn about the practical impact through the detection of 6 previously unknown vulnerabilities with 4 CVE IDs assigned and 1 incomplete fix of a high-severity vulnerability in well-tested real-world software, demonstrating IDFuzz's effectiveness as an input mutation module that complements most open-source state-of-the-art directed fuzzers.
Syllabus
USENIX Security '25 - IDFuzz: Intelligent Directed Grey-box Fuzzing
Taught by
USENIX