UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling

by   Xu Zhou, et al.

Fuzzing is one of the most efficient technology for vulnerability detection. Since the fuzzing process is computing-intensive and the performance improved by algorithm optimization is limited, recent research seeks to improve fuzzing performance by utilizing parallel computing. However, parallel fuzzing has to overcome challenges such as task conflicts, scalability in a distributed environment, synchronization overhead, and workload imbalance. In this paper, we design and implement UniFuzz, a distributed fuzzing optimization based on a dynamic centralized task scheduling. UniFuzz evaluates and distributes seeds in a centralized manner to avoid task conflicts. It uses a "request-response" scheme to dynamically distribute fuzzing tasks, which avoids workload imbalance. Besides, UniFuzz can adaptively switch the role of computing cores between evaluating, and fuzzing, which avoids the potential bottleneck of seed evaluation. To improve synchronization efficiency, UniFuzz shares different fuzzing information in a different way according to their characteristics, and the average overhead of synchronization is only about 0.4%. We evaluated UniFuzz with real-world programs, and the results show that UniFuzz outperforms state-of-the-art tools, such as AFL, PAFL and EnFuzz. Most importantly, the experiment reveals a counter-intuitive result that parallel fuzzing can achieve a super-linear acceleration to the single-core fuzzing. We made a detailed explanation and proved it with additional experiments. UniFuzz also discovered 16 real-world vulnerabilities.


Task-Graph Scheduling Extensions for Efficient Synchronization and Communication

Task graphs have been studied for decades as a foundation for scheduling...

Distributed Deep Learning Model for Intelligent Video Surveillance Systems with Edge Computing

In this paper, we propose a Distributed Intelligent Video Surveillance (...

Jupiter: A Networked Computing Architecture

In the era of Internet of Things, there is an increasing demand for netw...

Efficient Data-Plane Memory Scheduling for In-Network Aggregation

As the scale of distributed training grows, communication becomes a bott...

Switch as a Verifier: Toward Scalable Data Plane Checking via Distributed, On-Device Verification

Data plane verification (DPV) is important for finding network errors. C...

GAPP: A Fast Profiler for Detecting Serialization Bottlenecks in Parallel Linux Applications

We present a parallel profiling tool, GAPP, that identifies serializatio...

Bounding the Response Time of DAG Tasks Using Long Paths

In 1969, Graham developed a well-known response time bound for a DAG tas...

Please sign up or login with your details

Forgot password? Click here to reset