Computer Software
Print ISSN : 0289-6540
Userland implementation of fast and accurate process snapshotting for fuzzing on Windows
Seiya NAKATA, Katsuhiko GONDOW
JOURNAL FREE ACCESS

2024 Volume 41 Issue 4 Pages 4_74-4_80

Abstract

Fuzzing is the most widely used method for uncovering software security vulnerabilities, and many fuzzing implementations (fuzzers) are available on Linux. On Windows, however, only a few fuzzers are available; in particular, there is no process-snapshot-based fuzzer that restores the heap both quickly and accurately. This paper proposes a novel process-snapshotting technique for fuzzing that restores the entire memory area, including the heap, quickly and accurately. In a preliminary experiment with our prototype implementation, the prototype restored the memory area accurately for five real-world programs. It also ran 3.81x faster and achieved 1.13x higher code coverage on average than Winnie, a fork-based fuzzer for Windows.
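The abstract does not give the mechanics of the snapshot, so the following added example (not code from the paper or its prototype) illustrates the general snapshot-and-restore loop that any userland memory snapshotter for fuzzing is built around: copy every writable region of the target once, let one fuzz iteration run, then write back only the pages that changed and verify that the restored state matches the snapshot byte for byte. The region list, the 4 KiB page granularity and the two heap-like buffers are constructed stand-ins; on Windows the regions would be enumerated with VirtualQueryEx and copied with ReadProcessMemory/WriteProcessMemory, which is not shown here so the code stays portable.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Granularity of dirty-page detection (assumption: 4 KiB, the common x86 page size). */
#define SNAP_PAGE_SIZE 4096u

/* One writable region of the target's address space. On Windows this list
 * would come from VirtualQueryEx(); here (constructed example) regions are
 * plain heap buffers standing in for the target's heap segments. */
typedef struct {
    uint8_t *base;
    size_t   size;
} region_t;

/* A snapshot: a private copy of every region, all taken at the same instant. */
typedef struct {
    region_t *regions;
    uint8_t **copies;
    size_t    count;
} snapshot_t;

/* Copy every region into the snapshot. Returns 0 on success, -1 on allocation failure. */
static int snapshot_take(snapshot_t *snap, region_t *regions, size_t count)
{
    snap->regions = regions;
    snap->count   = count;
    snap->copies  = calloc(count, sizeof *snap->copies);
    if (!snap->copies)
        return -1;
    for (size_t i = 0; i < count; i++) {
        snap->copies[i] = malloc(regions[i].size);
        if (!snap->copies[i])
            return -1;
        memcpy(snap->copies[i], regions[i].base, regions[i].size);
    }
    return 0;
}

/* Restore the target from the snapshot, one page at a time, writing back only
 * pages whose contents changed. Returns the number of pages written back. */
static size_t snapshot_restore(const snapshot_t *snap)
{
    size_t dirty = 0;
    for (size_t i = 0; i < snap->count; i++) {
        uint8_t *cur  = snap->regions[i].base;
        uint8_t *orig = snap->copies[i];
        size_t   size = snap->regions[i].size;
        for (size_t off = 0; off < size; off += SNAP_PAGE_SIZE) {
            size_t n = size - off < SNAP_PAGE_SIZE ? size - off : SNAP_PAGE_SIZE;
            if (memcmp(cur + off, orig + off, n) != 0) {
                memcpy(cur + off, orig + off, n);
                dirty++;
            }
        }
    }
    return dirty;
}

/* Accuracy check after a restore: 1 if every byte of every region equals the
 * snapshot, 0 otherwise. */
static int snapshot_matches(const snapshot_t *snap)
{
    for (size_t i = 0; i < snap->count; i++)
        if (memcmp(snap->regions[i].base, snap->copies[i], snap->regions[i].size) != 0)
            return 0;
    return 1;
}

static void snapshot_free(snapshot_t *snap)
{
    for (size_t i = 0; i < snap->count; i++)
        free(snap->copies[i]);
    free(snap->copies);
    snap->copies = NULL;
    snap->count  = 0;
}

/* One fuzzing iteration end to end: snapshot, let the "target" dirty two pages,
 * restore, verify. Returns the number of pages restored (2 for this constructed
 * input), or -1 if the restored state did not match the snapshot. */
static int demo_snapshot_roundtrip(void)
{
    region_t regions[2] = {
        { calloc(4 * SNAP_PAGE_SIZE, 1), 4 * SNAP_PAGE_SIZE },   /* 4-page "heap segment" */
        { calloc(2 * SNAP_PAGE_SIZE, 1), 2 * SNAP_PAGE_SIZE },   /* 2-page "heap segment" */
    };
    if (!regions[0].base || !regions[1].base)
        return -1;
    memset(regions[0].base, 0x11, regions[0].size);   /* pretend-live heap contents */
    memset(regions[1].base, 0x22, regions[1].size);

    snapshot_t snap;
    if (snapshot_take(&snap, regions, 2) != 0)
        return -1;

    /* The fuzz iteration: the target writes into page 1 of region 0 and page 0 of region 1. */
    memcpy(regions[0].base + SNAP_PAGE_SIZE + 100, "AAAA", 4);
    regions[1].base[8] = 0xFF;

    size_t restored = snapshot_restore(&snap);
    int ok = snapshot_matches(&snap);

    snapshot_free(&snap);
    free(regions[0].base);
    free(regions[1].base);
    return ok ? (int)restored : -1;
}

int main(void)
{
    printf("pages restored: %d\n", demo_snapshot_roundtrip());
    return 0;
}
```

The page-granular compare is what keeps the restore cheap: after a typical iteration most of the copied memory is untouched, so only the few dirty pages are written back, and the final byte-for-byte comparison is the "accuracy" check that a real snapshotter would run in its evaluation rather than on every iteration.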

© 2024, Japan Society for Software Science and Technology