Friday, October 2, 2015 - 12:00pm to 1:00pm
Location:Traffic 21 Classroom 6501 Gates & Hillman Centers
Speaker:SAMANTHA GOTTLIEB, Ph.D. Student http://www.pdl.cmu.edu/People/samantha.shtml
Black-box mutational fuzzing is a simple yet effective technique to find bugs in software. Given a set of program-seed pairs, we ask how to schedule the fuzzing of these pairs in order to maximize the number of unique bugs found at any point in time. We develop an analytic framework using a mathematical model of black-box mutational fuzzing and use it to evaluate 26 existing and new randomized online scheduling algorithms. Our experiments show that one of our new scheduling algorithms outperforms the multi-armed bandit algorithm in the current version of the CERT Basic Fuzzing Framework by finding 1.5 more unique bugs in the same amount of time.
Joint work with Maverick Woo, Sang Kil Cha, and David Brumley.
Presented in Partial Fulfillment of the CSD Speaking Skills Requirement.