The main work here is a modification built on the aflgo framework, following the aflgo workflow:
1) obtain the CG and CFG graphs;
2) replace the distance-calculation script with a pre-dominate script that obtains the dominator nodes;
3) in aflgo/llvm_mode, afl-llvm-pass.so.cc gains code that instruments the dominator nodes with random values;
4) in nn1, add some edges computed from those random values.
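As an added example (not code from NEUZZ or aflgo), this is the dominator computation that the pre-dominate script in step 2 has to perform on the CFG from step 1 before step 3 can instrument the dominator nodes; the CFG, block names and function names below are constructed, and the script's real input/output format is not given on this page.

```python
def dominators(cfg, entry):
    """Return {block: set of blocks dominating it}; every block dominates itself.

    cfg maps a basic block to the list of its successor blocks.  Standard
    iterative dataflow: Dom(n) = {n} | intersection(Dom(p) for p in preds(n)).
    Blocks unreachable from entry are skipped (their dominator set is undefined).
    """
    reach, stack = set(), [entry]
    while stack:                      # reachability pass
        n = stack.pop()
        if n not in reach:
            reach.add(n)
            stack.extend(cfg.get(n, []))
    preds = dict((n, []) for n in reach)
    for n in reach:
        for s in cfg.get(n, []):
            preds[s].append(n)
    dom = dict((n, set(reach)) for n in reach)   # optimistic start: all blocks
    dom[entry] = set([entry])
    changed = True
    while changed:                    # iterate to the fixpoint
        changed = False
        for n in reach:
            if n == entry:
                continue
            new = set.intersection(*[dom[p] for p in preds[n]]) | set([n])
            if new != dom[n]:
                dom[n] = new
                changed = True
    return dom


def strict_dominators_of(dom, target):
    """Blocks that lie on every path from entry to target, excluding target."""
    return dom[target] - set([target])


# Constructed CFG (hypothetical): a diamond A->{B,C}->D, a back-edge D->A,
# the target block E, and a block U that is unreachable from entry.
SAMPLE_CFG = {
    "entry": ["A"],
    "A": ["B", "C"],
    "B": ["D"],
    "C": ["D"],
    "D": ["E", "A"],
    "E": [],
    "U": ["E"],
}

if __name__ == "__main__":
    print(sorted(strict_dominators_of(dominators(SAMPLE_CFG, "entry"), "E")))
```

Neither B nor C dominates D, because each can be bypassed through the other branch; only entry, A and D are on every path to E.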
See the IEEE S&P (Oakland) '19 slides and paper "NEUZZ: Efficient Fuzzing with Neural Program Smoothing" for details.
Tested on a machine with Nvidia 1080Ti, Ubuntu 16.04/18.04, Tensorflow 1.8.0 and Keras 2.2.3.
We recommend running NEUZZ on a machine with a Nvidia 1080Ti or higher for efficient NN training.
- Python 2.7
- Tensorflow
- Keras
gcc -O3 -funroll-loops ./neuzz.c -o neuzz
We use a sample program readelf as an example.
Open a terminal and start the NN module:
# python nn.py [program [arguments]]
python nn.py ./readelf -a
Open another terminal and start the NEUZZ module:
# ./neuzz -i in_dir -o out_dir -l mutation_len [program path [arguments]] @@
./neuzz -i neuzz_in -o seeds -l 7506 ./readelf -a @@
If you want to try NEUZZ on a new program,
- Compile the new program from source code using afl-gcc.
- Collect the training data by running AFL on the binary for a while (about an hour), then copy the queue folder to neuzz_in.
- Follow the two steps above to start the NN module and the NEUZZ module.
Try NEUZZ on the 10 real-world programs. Check the setup details at programs/[program names]/README.
Feel free to send me email about Neuzz. dongdong at cs.columbia.edu