A Format Protection Method of Greybox Fuzzing.

Greybox fuzzing, which can fuzz without knowledge of the format, is one of the most advanced fuzzing techniques. However, the lack of format knowledge makes the test cases’ format messy as the fuzzing proceeds and reduces the effectiveness of fuzzing. In this paper, we introduce a format protection method that can protect the format of test cases during greybox fuzzing. Based on prior knowledge, the Naive Bayes classifier is applied to achieve a format check method, which is used to improve the favourite seed selection process and induce the position of variation. The experiment results indicate that this method not only has a higher code coverage ratio and more unique crashes in less time than other fuzzers but also maintains the invalid format ratio at a low level. 24 previously unreported CVEs were exposed.