Research Assistant (PhD student or Postdoc) in Smart Fuzzing

Updated: over 2 years ago
Location: Germany
Job Type: FullTime
Deadline: 05 Sep 2021

We are looking to hire a research assistant (PhD student or postdoc) from August 2021 or as soon as possible, on a new project at federal salary level TV-ÖD E13 (approx. 52–65 kEUR depending on experience). The project is initially funded until November 2023.

Fuzzing is one of the most successful contemporary methods for finding bugs and vulnerabilities in software. Its basic idea is attractively simple: feed random data to a program until it crashes or exhibits some other form of erroneous behavior. Just what kind of random input to generate is an area of active research. Feedback-driven mutation-based fuzzing in particular is responsible for much of the success in recent years. Here, coverage data is collected for each run, and if some input is found to cover interesting new ground, it is kept and used to spawn future generations of inputs. Because source code generally isn't available in many interesting settings, the heuristics have to make do with binary-level coverage feedback.

In parallel work, we have built a machine learning system for recovering metadata such as function names for binaries. Because this metadata is lost during compilation, it is immensely valuable for reverse engineering. In this project, we will investigate the use of metadata (both original and automatically inferred) in fuzzing. Using function names and arbitrary labels for code regions, we will adjust seed prioritization in fuzzing as well as improve crash reporting and bucketing. This research will be conducted in the context of a larger project on fuzzing, which involves building and running an experimental fuzzing infrastructure on over 1000 CPU cores.
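A toy coverage-guided mutation fuzzer, added here as an illustration of the two paragraphs above and not code from the project or the posting: coverage is a set of (function name, block id) pairs standing in for binary-level feedback plus recovered metadata, inputs that reach new blocks become seeds, seeds are weighted by the function names they touch, and crashes are bucketed by the named functions on their path. The target program, the `parse_` prefix heuristic and all inputs are constructed assumptions.

```python
import random

def target(data, trace):  # constructed toy parser; each block reports (function, id)
    trace.add(("parse_header", 0))
    if len(data) >= 4 and data[:2] == b"FZ":
        trace.add(("parse_header", 1))
        if data[2] == 0x01:
            trace.add(("parse_body", 0))
            if data[3] > 200:
                trace.add(("parse_body", 1))
                raise ValueError("simulated crash")
    trace.add(("log_stats", 0))

def run(data):  # one execution: (covered blocks, crashed?)
    trace = set()
    try:
        target(data, trace)
    except ValueError:
        return trace, True
    return trace, False

def mutate(rng, data):  # one random mutation: overwrite or insert a byte
    buf = bytearray(data)
    if buf and rng.randrange(2):
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    else:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    return bytes(buf)

def seed_weight(trace, prefixes=("parse_",)):
    # Assumed metadata heuristic: favour seeds that reach functions whose
    # (original or recovered) names start with an interesting prefix.
    return 1 + sum(fn.startswith(prefixes) for fn, _ in trace)

def fuzz(seeds, iterations=2000, rng_seed=0):
    rng, global_cov, corpus, crashes = random.Random(rng_seed), set(), [], {}
    for s in seeds:
        trace, _ = run(s)
        global_cov |= trace
        corpus.append((s, seed_weight(trace)))
    for _ in range(iterations):
        parent = rng.choices([c[0] for c in corpus], [c[1] for c in corpus])[0]
        child = mutate(rng, parent)
        trace, crashed = run(child)
        if crashed:  # bucket crashes by the named functions on their path
            crashes.setdefault(tuple(sorted({fn for fn, _ in trace})), []).append(child)
        if not trace <= global_cov:  # new ground: keep as a future seed
            global_cov |= trace
            corpus.append((child, seed_weight(trace)))
    return global_cov, corpus, crashes
```

Calling `fuzz([b"FZ\x01\x00"])` returns the final coverage, the weighted seed corpus and the crash buckets, with a fixed RNG seed so runs are reproducible.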
