Coverage-guided Greybox fuzzing is regarded as a practical approach to detect software vulnerabilities, which targets to expand code coverage as much as possible. A common implementation is to assign more energy to such seeds which find new edges with less execution time. However, solely considering new edges may less effective because some hard-to-find branches often exist in the complex code of program. Code complexity is one of the key indicators to measure the code security. Compared to the code with simple structure, the program with higher code complexity is more likely to find more branches and cause security problems. To this end, we propose a novel fuzzing method which further use code complexity to optimize power schedule process in AFL (American Fuzzy Lop) and AFLFAST (American Fuzzy Lop Fast) . The goal of our method is to generate inputs which are more bias toward the code with higher complexity of the program under test. In addition, we conduct a preliminary empirical study under three widely used real-world programs, and the experimental results show that the proposed approach can trigger more crashes as well as improve the coverage discovery.

Shengran Wang

School of Computer Science and Communication Engineering, Jiangsu University

Jinfu Chen

Jiangsu University

Saihua Cai

School of Computer Science and Communication Engineering, Jiangsu University

Chi Zhang

Jiangsu University

Haibo Chen

School of Computer Science and Communication Engineering, Jiangsu University

Jingyi Chen

School of Computer Science and Communication Engineering, Jiangsu University