About Fuzzification

Fuzzification helps developers protect the released, binary-only software from attackers who are capable of applying state-of-the-art fuzzing techniques. Given a performance budget, this approach aims to hinder the fuzzing process from adversaries as much as possible.

Existing Fuzzification components

SpeedBump: Amplifies the slowdown in normal executions by hundreds of times to the fuzzed execution.
BranchTrap: Interfers with feedback logic by hiding paths and polluting coverage maps.
AntiHybrid: Hinders taint-analysis and symbolic execution.

Envorinment

Tested on Ubuntu 16.04 64bit and LLVM 5.0 (with gold plugin)

Quick start

Authors

Jinho Jung (Point of Contact) jinho.jung@gatech.edu
Hong Hu hhu86@gatech.edu
David Solodukhin david.solodukhin@gatech.edu
Daniel Pagan dpagan@gatech.edu
Kyu Hyung Lee kyuhlee@uga.edu
Taesoo Kim taesoo@gatech.edu

Publications

@inproceedings{jung2019fuzzification,
  title={FUZZIFICATION: Anti-Fuzzing Techniques},
  author={Jung, Jinho and Hu, Hong and Solodukhin, David and Pagan, Daniel and Lee, Kyu Hyung and Kim, Taesoo},
  booktitle={28th USENIX Security Symposium (USENIX Security 19)},
  pages={1913--1930},
  year={2019}
}

About

We hinder fuzzing

Languages

Language:C 70.7%Language:C++ 22.7%Language:Python 3.4%Language:Makefile 1.4%Language:Shell 1.2%Language:M4 0.4%Language:CMake 0.1%Language:HTML 0.1%Language:TSQL 0.0%Language:PLpgSQL 0.0%Language:Rich Text Format 0.0%Language:JavaScript 0.0%