SE | Dec 25, 2021

DIAR: Removing Uninteresting Bytes from Seeds in Software Fuzzing

arXiv:2112.13297v1 | 4 citations
Originality: Incremental advance
AI Analysis

The paper addresses inefficiencies in software fuzzing for developers and security researchers, but it appears incremental because it builds on existing fuzzing methods.

The paper tackles the problem of wasted fuzzing resources due to uninteresting bytes in large seeds by presenting DIAR, a technique that reduces seed size based on coverage, with preliminary results showing faster discovery of new paths and higher overall coverage.

Software fuzzing mutates bytes in the test seeds to explore different behaviors of the program under test. Initial seeds can have a great impact on the performance of a fuzzing campaign. Mutating a lot of uninteresting bytes in a large seed wastes fuzzing resources. In this paper, we present the preliminary results of our approach, which aims to improve the performance of fuzzers by identifying and removing uninteresting bytes in the seeds. In particular, we present DIAR, a technique that reduces the size of the seeds based on their coverage. Our preliminary results suggest that fuzzing campaigns that start with reduced seeds find new paths faster and can produce higher coverage overall.
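The idea of shrinking a seed while keeping its coverage can be illustrated with a small added example. This is not code from the paper and not DIAR's own algorithm, which this page does not describe: it is a generic chunk-deletion reducer, and `target`, `coverage`, `reduce_seed` and the sample seed are all constructed for the illustration.

```python
import sys

def target(data: bytes) -> str:
    """Constructed toy parser standing in for the program under test."""
    if len(data) < 4 or data[:4] != b"HDR1":
        return "reject"
    body = data[4:]
    if b"K" in body:
        if b"V" in body[body.index(b"K"):]:
            return "key-value"
        return "key-only"
    return "header-only"

def coverage(data: bytes) -> frozenset:
    """Line numbers of target() executed for this input (line coverage)."""
    lines, code = set(), target.__code__
    def tracer(frame, event, arg):
        if frame.f_code is not code:
            return None            # ignore every frame except target()
        if event == "line":
            lines.add(frame.f_lineno)
        return tracer
    old = sys.gettrace()
    sys.settrace(tracer)
    try:
        target(data)
    finally:
        sys.settrace(old)
    return frozenset(lines)

def reduce_seed(seed: bytes) -> bytes:
    """Delete chunks of shrinking size while the coverage set stays identical."""
    want = coverage(seed)
    chunk = max(len(seed) // 2, 1)
    while chunk >= 1:
        i = 0
        while i < len(seed):
            candidate = seed[:i] + seed[i + chunk:]
            if coverage(candidate) == want:
                seed = candidate   # removed bytes were uninteresting
            else:
                i += chunk         # these bytes steer execution: keep them
        chunk //= 2
    return seed

# Constructed 162-byte seed: only the header, "K" and "V" influence coverage.
SEED = b"HDR1" + b"\x00" * 60 + b"K" + b"padding" * 8 + b"V" + b"\xff" * 40
if __name__ == "__main__":
    print(len(SEED), "->", reduce_seed(SEED))
```

A fuzzer started from the reduced seed spends its mutations on the six bytes that decide which branch is taken instead of on the 156 bytes of filler.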
