AI-driven fuzzing across the software stack
Speaker: Professor Ho Chen
University of Hong Kong
Title: AI-driven fuzzing across the software stack
Date: Wednesday, 26 February 2025
Time: 10:45am - 12:00noon
Venue: Room 1104 (Academic Concourse; near Lecture Theater A), HKUST
Abstract:
Fuzzing is a popular technique for finding software defects automatically. However, it is challenging to fuzz efficiently at different levels of the software stack. I will share our work on applying AI techniques to fuzzing applications, libraries, and LLVM IR. For applications, we transform a program into a multivariate function over its input values, formulate fuzzing as an optimization problem, and apply machine learning algorithms to the optimization problem. For libraries, we use a Large Language Model to iteratively generate fuzz drivers, and use code coverage to guide the fuzzer to explore undiscovered library code. For LLVM IR, we guarantee input validity while increasing input diversity using constrained mutations and collect accurate coverage feedback by tracking the matcher table. I will discuss the power of AI in fuzzing, the challenges, and future directions.
Biography:
Ho Chen is a chair professor at the University of Hong Kong. His current research interests are AI-driven security and software engineering, and AI security and robustness. He is a Fellow of the IEEE. More information is available at: https://sec.hku.hk