Waffle: A whitebox AFL-based fuzzer for discovering exhaustive executions

dc.contributor.advisor: Ghorbani, Ali
dc.contributor.author: Bojnordi Arbab, Behnam
dc.date.accessioned: 2023-09-12T18:43:03Z
dc.date.available: 2023-09-12T18:43:03Z
dc.date.issued: 2022-01
dc.description.abstract: Fuzz testing helps software security researchers investigate the existing vulnerabilities within programs in an automated fashion. AFL is a whitebox coverage-based fuzzer leveraging a genetic algorithm (GA) to search for vulnerabilities inside a program. The inputs to the program, which may affect the program’s execution paths, are the chromosomes of the GA, and the content of the files makes up the genes. AFL investigates code coverage for the program’s executions on each input, and the findings with new coverage information are selected for more testing. This technique guides the fuzzer to discover more regions of code. Waffle is an AFL-based fuzzer searching for executions with higher resource usage, such as execution time. Waffle searches for files that not only discover new regions of code but also require more resources to complete a run. Waffle modifies the instrumentation and fuzzing modules of AFL, with the intention of storing resource/time-consuming executions. To confirm the correctness of the modifications, the binaries are assessed, and the fuzzing procedure is monitored from a status screen. Finally, the performance of Waffle is compared to AFL-based fuzzers, and it is shown that Waffle discovers exhaustive executions effectively.
dc.description.copyright: © Behnam Bojnordi Arbab, 2022
dc.format.extent: vi, 80
dc.format.medium: electronic
dc.identifier.oclc: (OCoLC)1416909263 (en)
dc.identifier.other: Thesis 10922 (en)
dc.identifier.uri: https://unbscholar.lib.unb.ca/handle/1882/37370
dc.language.iso: en
dc.publisher: University of New Brunswick
dc.rights: http://purl.org/coar/access_right/c_abf2
dc.subject.discipline: Computer Science
dc.subject.lcsh: Computer software. (en)
dc.subject.lcsh: Computer security. (en)
dc.subject.lcsh: Genetic algorithms. (en)
dc.title: Waffle: A whitebox AFL-based fuzzer for discovering exhaustive executions
dc.type: master thesis
oaire.license.condition: other
thesis.degree.discipline: Computer Science
thesis.degree.grantor: University of New Brunswick
thesis.degree.level: masters
thesis.degree.name: M.C.S.

Files

Original bundle
Name: Behnam Bojnordi Arbab -Thesis.pdf
Size: 3.89 MB
Format: Adobe Portable Document Format

License bundle
Name: license.txt
Size: 1.13 KB
Format: Item-specific license agreed upon to submission