Data-Driven Vulnerability Pattern Analysis for Fuzzing

Dan Li, Hua Chen, Huayang Cao, Liang Ming

DSC(2018)

Citations: 23 | Views: 8

Abstract
Fuzzing has become one of the most effective and easy-to-use testing techniques for finding crashes and vulnerabilities in software products. Unfortunately, with the sustained growth of software complexity and a limited time or resource budget, fuzzing efficiency faces severe challenges. In this paper, we leverage statistical analysis methods to present a data-driven vulnerability pattern analysis for fuzzing and mine hazardous trigram patterns in the use of C standard library functions; such patterns may reveal the vulnerability mechanism and further guide the fuzzing procedure. We take advantage of the open-source project VDiscover, a tool that extracts dynamic features of a program, and set up an experiment by collecting the dynamic features of the analyzed buggy programs from the Mayhem team. In total, we collected 120540 testcases, 63936 unique execution traces and 158015058 triples for the dataset, and analyzed the potentially hazardous trigram patterns.
Keywords
fuzzing, statistical analysis, trigram pattern, vulnerability mechanism
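To make the abstract's pipeline concrete, here is an added example (not code from the paper or from VDiscover) of the three steps it describes: collapsing testcases into unique execution traces, splitting each trace of C standard library calls into consecutive triples (trigrams), and ranking those trigrams by how often the traces containing them crashed. The sample traces, the crash flags and the "fraction of crashing traces" score are all constructed assumptions for illustration; the paper's own feature extraction and statistical method are not reproduced here.

```python
from collections import Counter
from typing import List, Tuple

Trace = Tuple[List[str], bool]          # (sequence of libc calls, did the run crash?)
Trigram = Tuple[str, str, str]

# Constructed sample data (hypothetical, not from the paper's dataset): each testcase
# yields the sequence of C standard library calls observed during one execution, plus
# a flag recording whether that execution crashed.
SAMPLE_TRACES: List[Trace] = [
    (["fopen", "fread", "strcpy", "printf", "fclose"], True),
    (["fopen", "fread", "strcpy", "printf", "fclose"], True),    # duplicate of the first
    (["fopen", "fread", "strncpy", "printf", "fclose"], False),
    (["malloc", "memcpy", "free", "printf"], False),
    (["malloc", "memcpy", "free", "free"], True),
    (["fopen", "fgets", "strlen", "fclose"], False),
]


def trigrams(calls: List[str]) -> List[Trigram]:
    """Sliding window of three consecutive library calls (the 'triples')."""
    return [(calls[i], calls[i + 1], calls[i + 2]) for i in range(len(calls) - 2)]


def dedupe_traces(traces: List[Trace]) -> List[Trace]:
    """Collapse testcases that produced an identical execution trace and outcome."""
    seen = set()
    unique: List[Trace] = []
    for calls, crashed in traces:
        key = (tuple(calls), crashed)
        if key not in seen:
            seen.add(key)
            unique.append((calls, crashed))
    return unique


def dataset_summary(traces: List[Trace]) -> Tuple[int, int, int]:
    """(testcases, unique traces, triples): the three sizes the abstract reports."""
    unique = dedupe_traces(traces)
    triples = sum(len(trigrams(calls)) for calls, _ in unique)
    return len(traces), len(unique), triples


def trigram_stats(traces: List[Trace]) -> Tuple[Counter, Counter]:
    """Per trigram: number of unique traces containing it, and how many of those crashed."""
    total: Counter = Counter()
    crashing: Counter = Counter()
    for calls, crashed in dedupe_traces(traces):
        for tg in set(trigrams(calls)):     # count each trigram once per trace
            total[tg] += 1
            if crashed:
                crashing[tg] += 1
    return total, crashing


def hazardous_trigrams(traces: List[Trace], min_support: int = 1):
    """Rank trigrams by the fraction of traces containing them that crashed.

    min_support drops trigrams seen in too few traces to be statistically meaningful.
    The score is an assumed, deliberately simple association measure.
    """
    total, crashing = trigram_stats(traces)
    ranked = [(crashing[tg] / n, n, tg) for tg, n in total.items() if n >= min_support]
    ranked.sort(key=lambda r: (-r[0], -r[1], r[2]))
    return ranked


if __name__ == "__main__":
    print("testcases, unique traces, triples:", dataset_summary(SAMPLE_TRACES))
    for ratio, support, tg in hazardous_trigrams(SAMPLE_TRACES):
        print(f"{ratio:.2f}  support={support}  {' -> '.join(tg)}")
```

On the constructed data the trigrams around `strcpy` and the double `free` score 1.0 with support 1, while `malloc -> memcpy -> free` appears in both a crashing and a clean trace and scores 0.5; raising `min_support` keeps only the latter. On a real dataset of the size the abstract describes, the support threshold is what separates recurring hazardous patterns from one-off noise.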