DeepGo: Predictive Directed Greybox Fuzzing
Peihong Lin
Network and Distributed System Security (NDSS) Symposium 2024 · Day 3 · Kernel Fuzzing
In software security, **Directed Greybox Fuzzing (DGF)** has emerged as an effective technique for finding vulnerabilities by steering fuzzing toward specified target sites in the program (for example patched code or a suspected crash location) instead of maximizing coverage everywhere. Current state-of-the-art DGF methods, however, rely mainly on heuristics computed from historical execution data, such as how close the blocks a seed has already executed are to the targets. This creates a significant limitation: the fuzzers lack foresight. They cannot predict which unexplored path leads to the target, and they struggle to satisfy intricate path constraints, such as comparisons against specific values, that random mutation is unlikely to hit by chance. The result is wasted effort, particularly when the target is deeply nested or guarded by conditions that the heuristic cannot see past until some seed happens to satisfy them.
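The following toy model is an added example, not code from the DeepGo paper or from any DGF tool. It implements a simplified AFLGo-style scheduler over a constructed control-flow graph: each block gets its shortest-path distance to a single target, a seed's distance is the mean distance of the blocks it executed, and seeds closest to the target are fuzzed first. The program under test, its `b"FUZZ"` header, the `MAGIC` constant and the byte layout are all assumptions made for the illustration. It then shows the limitation described above: once the target sits behind a 32-bit magic-value comparison, every failed guess yields the same distance, so the history-based heuristic has no gradient to follow and random byte mutation never reaches the target.

```python
"""Toy model of distance-guided directed greybox fuzzing (AFLGo-style
seed scheduling) and of the blind spot that history-based heuristics
have in front of a magic-value check.  Added illustration; not the
paper's code.  CFG, header, MAGIC and byte layout are constructed."""
import random
from collections import deque

# Constructed toy control-flow graph: block -> successor blocks.
# Block "T" is the fuzzing target, reachable only through "check_magic".
CFG = {
    "entry": ["parse_hdr"],
    "parse_hdr": ["bad_hdr", "check_magic"],
    "bad_hdr": ["exit"],
    "check_magic": ["wrong_magic", "T"],
    "wrong_magic": ["exit"],
    "T": ["exit"],
    "exit": [],
}
TARGET = "T"
MAGIC = 0xDEADBEEF  # assumed constant that the guarded branch compares against


def block_distances(cfg, target):
    """Shortest-path distance from every block to the target (BFS over the
    reversed graph).  Blocks that cannot reach the target get no entry."""
    rev = {b: [] for b in cfg}
    for src, succs in cfg.items():
        for dst in succs:
            rev[dst].append(src)
    dist = {target: 0}
    queue = deque([target])
    while queue:
        blk = queue.popleft()
        for pred in rev[blk]:
            if pred not in dist:
                dist[pred] = dist[blk] + 1
                queue.append(pred)
    return dist


def execute(data):
    """Stand-in for the instrumented program: returns the trace of blocks
    executed on `data`, whose assumed layout is a 4-byte header followed
    by a 4-byte little-endian magic field."""
    trace = ["entry", "parse_hdr"]
    if len(data) < 8 or data[:4] != b"FUZZ":
        trace += ["bad_hdr", "exit"]
        return trace
    trace.append("check_magic")
    if int.from_bytes(data[4:8], "little") == MAGIC:
        trace += ["T", "exit"]
    else:
        trace += ["wrong_magic", "exit"]
    return trace


def seed_distance(trace, dist):
    """AFLGo-style seed distance: arithmetic mean of the distances of the
    executed blocks that can still reach the target; None if none can."""
    ds = [dist[b] for b in trace if b in dist]
    return sum(ds) / len(ds) if ds else None


def distance_of(data, dist=None):
    """Convenience wrapper: run `data` and score the resulting trace."""
    if dist is None:
        dist = block_distances(CFG, TARGET)
    return seed_distance(execute(data), dist)


def prioritize(seeds):
    """Order the queue so that seeds closer to the target are fuzzed first.
    Ties keep their original order (sorted() is stable)."""
    dist = block_distances(CFG, TARGET)
    scored = [(distance_of(s, dist), s) for s in seeds]
    return [s for d, s in sorted((x for x in scored if x[0] is not None),
                                 key=lambda x: x[0])]


def mutate(data, rng):
    """Single random byte overwrite, as a plain greybox fuzzer would do."""
    buf = bytearray(data)
    buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)


def fuzz_campaign(seed, iterations, rng):
    """Mutate `seed` `iterations` times.  Returns (target hits, set of
    distinct seed distances observed).  The small distance set is the
    point: every input that passes the header but misses the magic value
    scores exactly the same, so past executions give the scheduler no
    signal about which bytes to change next."""
    dist = block_distances(CFG, TARGET)
    hits, seen = 0, set()
    for _ in range(iterations):
        trace = execute(mutate(seed, rng))
        seen.add(seed_distance(trace, dist))
        if TARGET in trace:
            hits += 1
    return hits, seen


if __name__ == "__main__":
    queue = [b"XXXX\x00\x00\x00\x00", b"FUZZ\x00\x00\x00\x00",
             b"FUZZ" + bytes([0xEF, 0xBE, 0xAD, 0x00])]  # bad hdr, zero, near-miss
    print("queue order:", prioritize(queue))
    print("campaign (hits, distances):",
          fuzz_campaign(b"FUZZ\x00\x00\x00\x00", 2000, random.Random(1)))
```

Note that a near-miss input with three of the four magic bytes correct scores exactly the same distance as one with the field zeroed: the heuristic sees only which blocks ran, not how close the comparison came to succeeding, which is the lack of foresight the summary is pointing at.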