POWER: Program Option-Aware Fuzzer for High Bug Detection Ability
Most programs with command-line interface (CLI) have dozens of command-line options (e.g.,-l,-F,-R for ls) to alternate the operation of the programs. Thus, depending on the option configurations (i.e., a list of options like-l-F and-F-R) applied during fuzzing, the test coverage and crash detection results can vary significantly. In this paper, we propose a novel fuzzing technique POWER that detects more crashes than the cutting-edge fuzzers by actively constructing and carefully selecting various program option configurations. The salient idea of POWER is to enforce diverse executions of a target program by selecting a set of the option configurations each of which is far 'different/distant' from the others in the set. Another core idea of POWER is to apply different fuzzing strategies to different input domains (i.e., option configurations and input files) to increase testing effectiveness within limited time budget. The experiment results on the 30 real-world programs show that POWER detects significantly more crash bugs than the state-of-the-art fuzzing techniques.
- Issue Date
- 2022-04-06
- Language
- English
- Citation
IEEE International Conference on Software Testing, Verification and Validation (ICST), pp.220 - 231
- Appears in Collection
- CS-Conference Papers(학술회의논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 3 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.