{"title":"Replication Package for Input Algebras","authors":"Rahul Gopinath, Hamed Nemati, A. Zeller","doi":"10.1109/ICSE-Companion52605.2021.00098","DOIUrl":null,"url":null,"abstract":"Grammar-based fuzzers are effective and efficient. They can produce an infinite number of syntactically valid test inputs, which can be used to explore the input space without bias. However, it is notoriously difficult to generate focused inputs to induce a specific behavior such as failure without affecting their effectiveness. This is the fuzzer taming problem. In our paper Input Algebras, we show how one can specialize the grammar towards inclusion or exclusion of specific patterns, and their arbitrary boolean combinations. The resulting specialized grammars can be used both for focused fuzzing and also as validators that can indicate the presence or absence of specific behavior-inducing input patterns. In our evaluation of real-world bugs, we show that specialized grammars are accurate both in producing and validating targeted inputs. We also provide a completely worked out Jupyter notebook that explains our algorithms in detail along with a sufficient number of examples. Further, we describe in detail how to replicate our evaluation.","PeriodicalId":136929,"journal":{"name":"2021 IEEE/ACM 43rd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion)","volume":"63 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE/ACM 43rd International Conference on Software Engineering: Companion Proceedings (ICSE-Companion)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSE-Companion52605.2021.00098","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Grammar-based fuzzers are effective and efficient. They can produce an infinite number of syntactically valid test inputs, which can be used to explore the input space without bias. However, it is notoriously difficult to generate focused inputs to induce a specific behavior such as failure without affecting their effectiveness. This is the fuzzer taming problem. In our paper Input Algebras, we show how one can specialize the grammar towards inclusion or exclusion of specific patterns, and their arbitrary boolean combinations. The resulting specialized grammars can be used both for focused fuzzing and also as validators that can indicate the presence or absence of specific behavior-inducing input patterns. In our evaluation of real-world bugs, we show that specialized grammars are accurate both in producing and validating targeted inputs. We also provide a completely worked out Jupyter notebook that explains our algorithms in detail along with a sufficient number of examples. Further, we describe in detail how to replicate our evaluation.