Sadegh Bamohabbat Chafjiri
Improving search space analysis of fuzzing mutators using cryptographic structures
Chafjiri, Sadegh Bamohabbat; Legg, Phil; Tsompanas, Michail-Antisthenis; Hong, Jun
Authors
Professor Phil Legg Phil.Legg@uwe.ac.uk
Professor in Cyber Security
Michail Tsompanas Antisthenis.Tsompanas@uwe.ac.uk
Lecturer in Computer Science
Jun Hong Jun.Hong@uwe.ac.uk
Professor in Artificial Intelligence
Contributors
Chaminda Hewage
Editor
Liqaa Nawaf
Editor
Nishtha Kesswani
Editor
Abstract
This paper introduces a novel approach to enhance the performance of software fuzzing mutator tools, by leveraging cryptographic structures known as substitution-permutation networks and Feistel networks. By integrating these structures into the existing HonggFuzz fuzzing library, we propose HonggFuzz+ and demonstrate its effectiveness over other leading fuzzers, such as how the method can uncover bugs and edges earlier due to enhanced search space optimisation. By introducing these two structures, we can diversify memory region relationships that can ultimately improve the performance of HonggFuzz. We demonstrate our approach on a range of common software examples from previous software fuzzing literature. Our results show better or as good performance across a range of software targets when compared to other leading fuzzing techniques. We discuss the relevance of the findings and consider future directions for improving software fuzzing search space analysis.
| Presentation Conference Type | Conference Paper (published) |
|---|---|
| Conference Name | International Conference on Cyber Security and Privacy |
| Start Date | Dec 11, 2023 |
| End Date | Dec 12, 2023 |
| Acceptance Date | Nov 16, 2023 |
| Online Publication Date | Sep 18, 2024 |
| Publication Date | Sep 18, 2024 |
| Deposit Date | Dec 15, 2023 |
| Publicly Available Date | Sep 19, 2025 |
| Publisher | Springer |
| Pages | 153-172 |
| Series Title | Lecture Notes in Networks and Systems |
| Series Number | 1032 |
| Series ISSN | 2367-3389 |
| Book Title | AI Applications in Cyber Security and Communication Networks: Proceedings of Ninth International Conference on Cyber Security, Privacy in Communication Networks (ICCS 2023) |
| ISBN | 9789819739721 |
| DOI | https://doi.org/10.1007/978-981-97-3973-8_10 |
| Public URL | https://uwe-repository.worktribe.com/output/11517833 |
Files
This file is under embargo until Sep 19, 2025 due to copyright reasons.
Contact Phil.Legg@uwe.ac.uk to request a copy for personal use.
You might also like
Stop at the red-light is no longer boring
(2022)
Presentation / Conference Contribution
Rate secrecy of networks with game theory approach
(2011)
Presentation / Conference Contribution
Related-key impossible differential cryptanalysis of full-round HIGHT
(2013)
Presentation / Conference Contribution
Vulnerability detection through machine learning-based fuzzing: A systematic review
(2024)
Journal Article
Visual analytics of e-mail sociolinguistics for user behavioural analysis
(2014)
Journal Article
Downloadable Citations
About UWE Bristol Research Repository
Administrator e-mail: repository@uwe.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search