Video of my talk "Expanding the Reach of Fuzz Testing" as part of UMass Amherst's Rising Stars Lecture Series.
11:32 -- PerfFuzz
19:49 -- FuzzFactory
25:13 -- FairFuzz
30:42 -- Zest + JQF
38:10 -- RLCheck
43:00 -- AutoPandas
Abstract:
Software bugs, leading to correctness or security issues, are pervasive in modern software. Fuzzing, or fuzz testing, is a method to find such bugs automatically by sending many random-looking inputs to the program under test. Recently, coverage-guided fuzz testing, which leverages an evolutionary algorithm to guide its test-input generation, has gained huge traction in industry and academia thanks to its scalability and bug-finding power. However, due to its random-mutation-based input generation technique, coverage-guided fuzzing cannot reach far beyond the syntax analysis stage of programs. In this talk, I will introduce several projects expanding the reach of fuzz testing. First, I will introduce methods that enable fuzz testing to find inputs hitting deeply nested branches and inputs that expose performance bottlenecks in programs. Then, I will explore how leveraging human knowledge---in the form of input generators---allows coverage-guided fuzzing's evolutionary algorithm to explore behavior and bugs deep in the core logic of the program. Finally, I will share a key insight that enables us to pair these input generators with machine learning methods to achieve huge speedups in valid input generation, and even step towards program synthesis for real-world APIs.
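To make the abstract's contrast concrete, here is an added example (not code from the talk or from the JQF/Zest project): a constructed toy target whose strict syntax stage guards a "deep" branch, a minimal coverage-guided loop, and a hypothetical Zest-style parametric generator in which every random choice is driven by one parameter byte, so mutating parameters instead of raw bytes always yields syntactically valid inputs. The names `target`, `generate`, `fuzz`, `KEYS` and the coverage labels are all assumptions of this example.

```python
import random
from typing import Callable, Set

# Constructed toy target: a strict "key=value;" parser in front of the core
# logic.  Only inputs that survive the syntax stage can reach the deep branch.
def target(data: bytes) -> Set[str]:
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        return {"bad_encoding"}
    pairs = {}
    for item in filter(None, text.split(";")):
        key, sep, val = item.partition("=")
        if not (sep and key.isalpha() and val.isdigit()):
            return {"syntax_error"}
        pairs[key] = int(val)
    cov = {"parsed"}                            # coverage labels fed back to the fuzzer
    if pairs.get("mode", 0) > 127:
        cov.add("mode_hi")
    if pairs.get("size", 0) > 127:
        cov.add("size_hi")
    if "mode_hi" in cov and "size_hi" in cov:   # core-logic branch: the "deep" bug
        cov.add("deep_bug")
    return cov

# Zest-style parametric generator (hypothetical): each choice consumes one byte of
# the parameter string, so mutating the parameters still yields valid syntax.
KEYS = ["mode", "size", "name"]
def generate(params: bytes) -> bytes:
    p = iter(params)
    take = lambda: next(p, 0)                   # exhausted parameters read as 0
    n = take() % 3 + 1                          # 1 to 3 key=value pairs
    return "".join(f"{KEYS[take() % 3]}={take()};" for _ in range(n)).encode()
def fuzz(to_input: Callable[[bytes], bytes], seed: int, rounds: int = 20000) -> Set[str]:
    """Minimal coverage-guided loop: a buffer is kept as a seed only when it reaches new coverage."""
    rng = random.Random(seed)
    seeds = [bytes(rng.randrange(256) for _ in range(8))]
    total: Set[str] = set()
    for _ in range(rounds):
        if rng.random() < 0.1:                  # occasionally start from fresh bytes
            child = bytearray(rng.randrange(256) for _ in range(8))
        else:                                   # otherwise mutate 1-3 bytes of a seed
            child = bytearray(rng.choice(seeds))
            for _ in range(rng.randint(1, 3)):
                child[rng.randrange(8)] = rng.randrange(256)
        cov = target(to_input(bytes(child)))
        if not cov <= total:                    # new coverage: keep it as a seed
            total |= cov
            seeds.append(bytes(child))
    return total
```

Compare `fuzz(lambda b: b, 1)`, which mutates raw bytes and stays stuck at the syntax stage, with `fuzz(generate, 1)`, which mutates generator parameters and reaches the deep branch.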
website: www.carolemieux.com
twitter: @cestlemieux