Sand: Decoupling Sanitization from Fuzzing for Low Overhead
Saved in:
| Published in: | Proceedings / International Conference on Software Engineering, pp. 255-267 |
|---|---|
| Main authors: | Kong, Ziqiao; Li, Shaohua; Huang, Heqing; Su, Zhendong |
| Format: | Conference paper |
| Language: | English |
| Published: | IEEE, 26.04.2025 |
| ISSN: | 1558-1225 |
| Online access: | Get full text |
| Abstract | Sanitizers provide robust test oracles for various vulnerabilities. Fuzzing sanitizer-enabled programs has been the best practice for finding software bugs. Since sanitizers require heavy program instrumentation to insert run-time checks, sanitizer-enabled programs have much higher overhead than normally built programs. In this paper, we present SAND, a new fuzzing framework that decouples sanitization from the fuzzing loop. SAND fuzzes a normally built program and only invokes the sanitizer-enabled program when an input is shown to be interesting. Since most generated inputs are not interesting, i.e., not bug-triggering, SAND allows most of the fuzzing time to be spent on the normally built program. We further introduce execution patterns to practically and effectively identify interesting inputs. We implement SAND on top of AFL++ and evaluate it on 20 real-world programs. Our extensive evaluation highlights its effectiveness: in 24 hours, compared to all the baseline fuzzers, SAND discovers significantly more bugs while not missing any. |
|---|---|
| Author | Kong, Ziqiao; Li, Shaohua; Huang, Heqing; Su, Zhendong |
| Author_xml | 1. Kong, Ziqiao (ziqiao001@e.ntu.edu.sg; ETH Zurich and Nanyang Technological University); 2. Li, Shaohua (shaohuali@cuhk.edu.hk; The Chinese University of Hong Kong); 3. Huang, Heqing (heqhuang@cityu.edu.hk; City University of Hong Kong); 4. Su, Zhendong (zhendong.su@inf.ethz.ch; ETH Zurich) |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/ICSE55347.2025.00187 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings; IEEE Proceedings Order Plan (POP) 1998-present by volume; IEEE Xplore All Conference Proceedings; IEEE Electronic Library (IEL); IEEE Proceedings Order Plans (POP) 1998-present |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798331505691 |
| EISSN | 1558-1225 |
| EndPage | 267 |
| ExternalDocumentID | 11029723 |
| Genre | orig-research |
| GroupedDBID | -~X .4S .DC 29O 5VS 6IE 6IF 6IH 6IK 6IL 6IM 6IN 8US AAJGR AAWTH ABLEC ADZIZ ALMA_UNASSIGNED_HOLDINGS ARCSS AVWKF BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO EDO FEDTE I-F IEGSK IJVOP IPLJI M43 OCL RIE RIL RIO |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 1 |
| IngestDate | Wed Aug 27 01:40:27 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| PageCount | 13 |
| ParticipantIDs | ieee_primary_11029723 |
| PublicationCentury | 2000 |
| PublicationDate | 2025-April-26 |
| PublicationDateYYYYMMDD | 2025-04-26 |
| PublicationDate_xml | – month: 04 year: 2025 text: 2025-April-26 day: 26 |
| PublicationDecade | 2020 |
| PublicationTitle | Proceedings / International Conference on Software Engineering |
| PublicationTitleAbbrev | ICSE |
| PublicationYear | 2025 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0006499 |
| Score | 2.2969995 |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 255 |
| SubjectTerms | afl; Best practices; Computer bugs; coverage-guided fuzzing; Fuzzing; Instruments; sanitizers; Software; Software engineering |
| Title | Sand: Decoupling Sanitization from Fuzzing for Low Overhead |
| URI | https://ieeexplore.ieee.org/document/11029723 |
| hasFullText | 1 |
| inHoldings | 1 |
| linkProvider | IEEE |