UBC Theses and Dissertations


Investigating fuzzing strategies in a CI/CD setup

Huang, Huicong (Madonna)

Abstract

Fuzzing best practices suggest that fuzzing should be run for at least 24 hours, if not longer. This recommendation makes it hard to integrate fuzzing into CI/CD contexts, where the goal is to rapidly check a commit for bugs. Existing studies on CI/CD fuzzing simulated a CI/CD environment by running undirected fuzzers on Magma benchmark programs, which have multiple bugs injected into a single version of the program. Directed fuzzers, such as AFLGo, aim to generate inputs that reach specific target locations in the program being fuzzed, so they should be more effective at fuzzing in a CI/CD environment. In this study, we evaluate both directed and undirected fuzzers in a simulated CI/CD environment. Like prior work, we use Magma as a source of benchmarks and run fuzzers for 10 minutes. Unlike prior work, we start the fuzzing process from a saturated corpus rather than Magma's default corpus. Also unlike prior work, we run the fuzzers on versions of Magma programs with a single bug injected. Since Magma patches give directed fuzzers overly precise information about the bug location, we provide experimental designs that address this threat by adding additional lines of target code, which lets us evaluate the sensitivity of directed fuzzers. We report both preliminary results on a small subset of 50 benchmarks and complete results on all of them.

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International