Performant Binary Fuzzing without Source Code using Static Instrumentation
Open Access
Author:
Pauley, Eric
Area of Honors:
Computer Science
Degree:
Bachelor of Science
Document Type:
Thesis
Thesis Supervisors:
Patrick Drew McDaniel, Thesis Supervisor; Danfeng Zhang, Thesis Honors Advisor
Keywords:
Fuzzing, Fuzz Testing, Binary Analysis, Security
Abstract:
Fuzz testing (fuzzing), a technique for automatically finding bugs, including potentially exploitable ones, by running a program on large numbers of generated or mutated inputs, has seen increased popularity in the security community. While fuzzing can efficiently discover new program behavior, modern fuzzing techniques are largely limited to programs whose source code is available, because the instrumentation they depend on is inserted when the program is compiled. We investigate the application of state-of-the-art fuzzing techniques to binary programs without source code, using static binary rewriting to instrument the programs without recompiling them. Our tool, ReFuzz, allows off-the-shelf binaries to be analyzed with fuzzing techniques that were previously limited to source code. We evaluate ReFuzz against both source-level and binary-level fuzzers and find that it discovers a similar number of bugs as, and in some cases more bugs than, a recently published source-level fuzzer. Our work demonstrates the value of binary analysis techniques for fuzzing and realizes a tool that will allow the security community to meaningfully analyze more software.