
PhD Defense by Mansour Alharthi


Title: Targeted Path Exploration for Directed Fuzzing

 

Date: Wed. May 21st 2025

Time: 1:00 PM – 3:00 PM EST

Location: (hybrid) CODA 0903 Ansley, and Zoom (https://gatech.zoom.us/j/93919858357?from=addon)

 

Mansour Alharthi

School of Computer Science & School of Cybersecurity and Privacy

College of Computing

Georgia Institute of Technology

 

Committee:

Dr. Taesoo Kim (advisor), School of Cybersecurity and Privacy, Georgia Institute of Technology

Dr. Brendan D. Saltaformaggio, School of Cybersecurity and Privacy, Georgia Institute of Technology

Dr. Qirun Zhang, School of Computer Science, Georgia Institute of Technology

Dr. Alessandro Orso, School of Computer Science, Georgia Institute of Technology

Dr. Chengyu Song, Department of Computer Science and Engineering, University of California, Riverside

 

Abstract:

Directed graybox fuzzing (DGF) aims to accelerate vulnerability discovery by steering input generation toward specific program locations of interest. However, conventional approaches often prioritize inputs along the shortest paths to the target, overlooking the complexity and structural nuances of modern control-flow graphs (CFGs). This narrow focus can lead to inefficient exploration and entrapment in local minima.

 

This thesis introduces a set of novel techniques to improve the path diversity of DGFs through more informed and adaptive exploration strategies. First, we leverage closeness centrality, a graph-theoretic metric that captures a node’s average reachability within the CFG. By prioritizing paths with stronger structural connectivity—rather than solely the shortest distance—we enable the fuzzer to uncover richer execution paths. Second, we present program discovery, a dynamic mechanism for tracking meaningful progress during fuzzing and adjusting exploration intensity accordingly. Third, we propose an input prioritization scheme that jointly considers target proximity and path diversity.

 

Overall, this thesis highlights the importance of diversity-oriented guidance in directed fuzzing and identifies a key trade-off: aggressively pursuing the target may yield faster hits, but at the expense of exploring alternative, potentially valuable paths.
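The contrast the abstract draws between shortest distance to the target and closeness centrality, as an added illustration that is not code from the thesis. The CFG is constructed, and computing closeness over outgoing paths with Wasserman-Faust scaling is an assumption, since the abstract does not say how the metric is computed.

```python
from collections import deque

# Constructed toy CFG (not from the thesis): basic block -> successor blocks.
CFG = {
    "entry": ["a", "b"],
    "a": ["x"], "x": ["target"],
    "b": ["c", "d", "e"],
    "c": ["f"], "d": ["f"], "e": ["f"],
    "f": ["target"],
    "target": [],
}

def bfs(graph, src):
    """Hop distance from src to every block reachable from it."""
    dist, queue = {src: 0}, deque([src])
    while queue:
        node = queue.popleft()
        for succ in graph[node]:
            if succ not in dist:
                dist[succ] = dist[node] + 1
                queue.append(succ)
    return dist

def reverse(graph):
    """Same blocks with every edge flipped."""
    rev = {n: [] for n in graph}
    for node, succs in graph.items():
        for succ in succs:
            rev[succ].append(node)
    return rev

def distance_to_target(graph, target):
    """Shortest hop count from each block to target; unreachable blocks are absent."""
    return bfs(reverse(graph), target)

def closeness(graph, node):
    """Assumed definition: closeness over outgoing paths, scaled by reachable fraction."""
    dist = bfs(graph, node)
    reached, total = len(dist) - 1, sum(dist.values())
    if total == 0:          # block with no successors reaches nothing
        return 0.0
    return (reached / (len(graph) - 1)) * (reached / total)

def rank(graph, target, candidates):
    """Order candidate blocks by distance to target, then separately by closeness."""
    d = distance_to_target(graph, target)
    by_distance = sorted(candidates, key=lambda n: d.get(n, float("inf")))
    by_closeness = sorted(candidates, key=lambda n: -closeness(graph, n))
    return by_distance, by_closeness
```

On this graph block `a` is one hop nearer the target than `b`, but `b` has the higher closeness score, so the two orderings disagree.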


Status

  • Workflow Status: Published
  • Created By: Tatianna Richardson
  • Created: 05/09/2025
  • Modified By: Tatianna Richardson
  • Modified: 05/09/2025
