ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-08 08:11:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
AFLplusplus/docs
History
van Hauser 8f4f45c524 incorporated most of the 2.53b changes
2019-07-26 10:35:58 +02:00
..
visualization
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
vuln_samples
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
binaryonly_fuzzing.txt
squash typos
2019-07-25 10:34:03 +02:00
ChangeLog
afl_trace_pc fix
2019-07-25 11:18:14 +02:00
COPYING
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
env_variables.txt
Merge pull request #26 from vanhauser-thc/qemu-compcov
2019-07-20 14:23:07 +02:00
historical_notes.txt
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
INSTALL
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
life_pro_tips.txt
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
notes_for_asan.txt
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
parallel_fuzzing.txt
added AFLfast power schedules from Marcel Boehme and updated the documenation
2019-05-29 14:10:37 +02:00
PATCHES
documentation update
2019-07-25 09:00:22 +02:00
perf_tips.txt
improved documentation
2019-06-25 12:08:50 +02:00
power_schedules.txt
better power schedule documentation
2019-06-23 11:19:51 +02:00
python_mutators.txt
python mutator examples added
2019-06-20 12:22:46 +02:00
QuickStartGuide.txt
improved documentation
2019-06-25 12:08:50 +02:00
README.MOpt
several documentation fixes
2019-07-19 11:17:30 +02:00
sister_projects.txt
updated docs and crash issues with gcc_plugin
2019-07-20 09:06:47 +02:00
status_screen.txt
doc update
2019-06-23 19:38:57 +02:00
technical_details.txt
afl++ 2.52c initial commit
2019-05-28 16:40:24 +02:00
unicorn_mode.txt
Added AFL-Unicorn mode
2019-07-25 02:26:51 +02:00

README.MOpt 

# MOpt(imized) AFL by <puppet@zju.edu.cn>

### 1. Description
MOpt-AFL is a AFL-based fuzzer that utilizes a customized Particle Swarm
Optimization (PSO) algorithm to find the optimal selection probability
distribution of operators with respect to fuzzing effectiveness.
More details can be found in the technical report.

### 2. Cite Information
Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song and
Raheem Beyah, MOPT: Optimized Mutation Scheduling for Fuzzers,
USENIX Security 2019. 

### 3. Seed Sets
We open source all the seed sets used in the paper 
"MOPT: Optimized Mutation Scheduling for Fuzzers".

### 4. Experiment Results
The experiment results can be found in 
https://drive.google.com/drive/folders/184GOzkZGls1H2NuLuUfSp9gfqp1E2-lL?usp=sharing.
We only open source the crash files since the space is limited. 

### 5. Technical Report
MOpt_TechReport.pdf is the technical report of the paper 
"MOPT: Optimized Mutation Scheduling for Fuzzers", which contains more deatails.

### 6. Parameter Introduction
Most important, you must add the parameter `-L` (e.g., `-L 0`) to launch the
MOpt scheme. 

Option '-L' controls the time to move on to the pacemaker fuzzing mode.
'-L t': when MOpt-AFL finishes the mutation of one input, if it has not
discovered any new unique crash or path for more than t minutes, MOpt-AFL will
enter the pacemaker fuzzing mode. 

Setting 0 will enter the pacemaker fuzzing mode at first, which is
recommended in a short time-scale evaluation. 

Other important parameters can be found in afl-fuzz.c, for instance, 

'swarm_num': the number of the PSO swarms used in the fuzzing process.
'period_pilot': how many times MOpt-AFL will execute the target program
	in the pilot fuzzing module, then it will enter the core fuzzing module.
'period_core': how many times MOpt-AFL will execute the target program in the
	core fuzzing module, then it will enter the PSO updating module.
'limit_time_bound': control how many interesting test cases need to be found
	before MOpt-AFL quits the pacemaker fuzzing mode and reuses the deterministic stage.
	0 < 'limit_time_bound' < 1, MOpt-AFL-tmp.
	'limit_time_bound' >= 1, MOpt-AFL-ever.

Have fun with MOpt in AFL!