{"682304":{"#nid":"682304","#data":{"type":"event","title":"PhD Defense by Mansour Alharthi","body":[{"value":"\u003Cp\u003E\u003Cstrong\u003ETitle\u003C\/strong\u003E: Targeted Path Exploration for Directed Fuzzing\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EDate\u003C\/strong\u003E: Wed. May 21st 2025\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ETime\u003C\/strong\u003E: 10 AM\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ELocation\u003C\/strong\u003E: (hybrid) CODA 0903 Ansley, and Zoom (\u003Ca href=\u0022https:\/\/gatech.zoom.us\/j\/93919858357?from=addon\u0022\u003Ehttps:\/\/gatech.zoom.us\/j\/93919858357?from=addon\u003C\/a\u003E)\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EMansour Alharthi\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003ESchool of Computer Science \u0026amp; School of Cybersecurity and Privacy\u003C\/p\u003E\u003Cp\u003ECollege of Computing\u003C\/p\u003E\u003Cp\u003EGeorgia Institute of Technology\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003ECommittee:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EDr. Taesoo Kim \u003Cem\u003E(advisor)\u003C\/em\u003E, School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Brendan D. Saltaformaggio, School of Cybersecurity and Privacy, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Qirun Zhang - School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Alessandro Orso - School of Computer Science, Georgia Institute of Technology\u003C\/p\u003E\u003Cp\u003EDr. Chengyu Song - Department of Computer Science and Engineering,\u0026nbsp;University of California, Riverside\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u003Cstrong\u003EAbstract:\u003C\/strong\u003E\u003C\/p\u003E\u003Cp\u003EDirected graybox fuzzing (DGF) aims to accelerate vulnerability discovery by\u003C\/p\u003E\u003Cp\u003Esteering input generation toward specific program locations of interest.\u003C\/p\u003E\u003Cp\u003EHowever, conventional approaches often prioritize inputs along the shortest\u003C\/p\u003E\u003Cp\u003Epaths to the target, overlooking the complexity and structural nuances of\u003C\/p\u003E\u003Cp\u003Emodern control-flow graphs (CFGs). This narrow focus can lead to inefficient\u003C\/p\u003E\u003Cp\u003Eexploration and entrapment in local minima.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EThis thesis introduces a set of novel techniques to improve the path diversity\u003C\/p\u003E\u003Cp\u003Eof DGFs through more informed and adaptive exploration strategies. First, we\u003C\/p\u003E\u003Cp\u003Eleverage closeness centrality, a graph-theoretic metric that captures a node\u2019s\u003C\/p\u003E\u003Cp\u003Eaverage reachability within the CFG. By prioritizing paths with stronger\u003C\/p\u003E\u003Cp\u003Estructural connectivity\u2014rather than solely the shortest distance\u2014we enable the\u003C\/p\u003E\u003Cp\u003Efuzzer to uncover richer execution paths. Second, we present program discovery,\u003C\/p\u003E\u003Cp\u003Ea dynamic mechanism for tracking meaningful progress during fuzzing and\u003C\/p\u003E\u003Cp\u003Eadjusting exploration intensity accordingly. Third, we propose an input\u003C\/p\u003E\u003Cp\u003Eprioritization scheme that jointly considers target proximity and path\u003C\/p\u003E\u003Cp\u003Ediversity.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003EOverall, this thesis highlights the importance of diversity-oriented guidance in\u003C\/p\u003E\u003Cp\u003Edirected fuzzing and identifies a key trade-off: aggressively pursuing the\u003C\/p\u003E\u003Cp\u003Etarget may yield faster hits, but at the expense of exploring alternative,\u003C\/p\u003E\u003Cp\u003Epotentially valuable paths.\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E\u003Cp\u003E\u0026nbsp;\u003C\/p\u003E","summary":"","format":"limited_html"}],"field_subtitle":"","field_summary":[{"value":"\u003Cp\u003ETargeted Path Exploration for Directed Fuzzing\u003C\/p\u003E","format":"limited_html"}],"field_summary_sentence":[{"value":"Targeted Path Exploration for Directed Fuzzing"}],"uid":"27707","created_gmt":"2025-05-09 15:24:31","changed_gmt":"2025-05-20 15:57:15","author":"Tatianna Richardson","boilerplate_text":"","field_publication":"","field_article_url":"","field_event_time":{"event_time_start":"2025-05-21T10:00:00-04:00","event_time_end":"2025-05-21T12:00:00-04:00","event_time_end_last":"2025-05-21T12:00:00-04:00","gmt_time_start":"2025-05-21 14:00:00","gmt_time_end":"2025-05-21 16:00:00","gmt_time_end_last":"2025-05-21 16:00:00","rrule":null,"timezone":"America\/New_York"},"location":"(hybrid) CODA 0903 Ansley, and Zoom ","extras":[],"groups":[{"id":"221981","name":"Graduate Studies"}],"categories":[],"keywords":[{"id":"100811","name":"Phd Defense"}],"core_research_areas":[],"news_room_topics":[],"event_categories":[{"id":"1788","name":"Other\/Miscellaneous"}],"invited_audience":[{"id":"78771","name":"Public"}],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[],"email":[],"slides":[],"orientation":[],"userdata":""}}}