CatchFuzz: Reliable active anti-fuzzing techniques against coverage-guided fuzzer

Hee Yeon Kim, Dong Hoon Lee

    Research output: Contribution to journal › Article › peer-review

    Abstract

    Fuzzing techniques that can automatically detect software vulnerabilities are used widely today. However, attackers also abuse these fuzzing techniques to find software vulnerabilities in target programs. Researchers have proposed a number of anti-fuzzing techniques in response to this issue, but most of them cause significant computational overhead regardless of whether programs operate under the fuzzing environment or not. To address this, we develop a new anti-fuzzer called CatchFuzz, in which an anti-fuzzing algorithm is loaded only after detecting the fuzzing environment. CatchFuzz then breaks down the fuzzing strategy by directly disordering information used by the fuzzing system. These features ensure that there is little performance degradation during normal usage and make a fuzzer interpret an interesting input value as uninteresting. Also, CatchFuzz surpasses existing anti-fuzzing techniques by significantly reducing the number of detected crashes, while also addressing their current limitations. We conduct multiple empirical tests with nine real-world programs to evaluate CatchFuzz and compare our method with existing anti-fuzzers. Our tests show that CatchFuzz identifies the fuzzing environment with an accuracy of 99.6% and a false positive rate of 0.5%. CatchFuzz exhibits highly improved anti-fuzzing performance, as demonstrated by the significant reduction in the number of detected unique crashes by 95.39%.

    Original language: English
    Article number: 103904
    Journal: Computers and Security
    Volume: 143
    DOIs
    Publication status: Published - 2024 Aug

    Bibliographical note

    Publisher Copyright:
    © 2024 Elsevier Ltd

    Keywords

    • Anti-fuzzing
    • Binary hardening
    • Fuzzing
    • Software protection
    • Software security

    ASJC Scopus subject areas

    • General Computer Science
    • Law
