<node id="682304">
  <nid>682304</nid>
  <type>event</type>
  <uid>
    <user id="27707"><![CDATA[27707]]></user>
  </uid>
  <created>1746804271</created>
  <changed>1747756635</changed>
  <title><![CDATA[PhD Defense by Mansour Alharthi]]></title>
  <body><![CDATA[<p><strong>Title</strong>: Targeted Path Exploration for Directed Fuzzing</p><p>&nbsp;</p><p><strong>Date</strong>: Wed. May 21st 2025</p><p><strong>Time</strong>: 10 AM</p><p><strong>Location</strong>: (hybrid) CODA 0903 Ansley, and Zoom (<a href="https://gatech.zoom.us/j/93919858357?from=addon">https://gatech.zoom.us/j/93919858357?from=addon</a>)</p><p>&nbsp;</p><p><strong>Mansour Alharthi</strong></p><p>School of Computer Science &amp; School of Cybersecurity and Privacy</p><p>College of Computing</p><p>Georgia Institute of Technology</p><p>&nbsp;</p><p><strong>Committee:</strong></p><p>Dr. Taesoo Kim <em>(advisor)</em>, School of Cybersecurity and Privacy, Georgia Institute of Technology</p><p>Dr. Brendan D. Saltaformaggio, School of Cybersecurity and Privacy, Georgia Institute of Technology</p><p>Dr. Qirun Zhang - School of Computer Science, Georgia Institute of Technology</p><p>Dr. Alessandro Orso - School of Computer Science, Georgia Institute of Technology</p><p>Dr. Chengyu Song - Department of Computer Science and Engineering,&nbsp;University of California, Riverside</p><p>&nbsp;</p><p><strong>Abstract:</strong></p><p>Directed graybox fuzzing (DGF) aims to accelerate vulnerability discovery by</p><p>steering input generation toward specific program locations of interest.</p><p>However, conventional approaches often prioritize inputs along the shortest</p><p>paths to the target, overlooking the complexity and structural nuances of</p><p>modern control-flow graphs (CFGs). This narrow focus can lead to inefficient</p><p>exploration and entrapment in local minima.</p><p>&nbsp;</p><p>This thesis introduces a set of novel techniques to improve the path diversity</p><p>of DGFs through more informed and adaptive exploration strategies. First, we</p><p>leverage closeness centrality, a graph-theoretic metric that captures a node’s</p><p>average reachability within the CFG. By prioritizing paths with stronger</p><p>structural connectivity—rather than solely the shortest distance—we enable the</p><p>fuzzer to uncover richer execution paths. Second, we present program discovery,</p><p>a dynamic mechanism for tracking meaningful progress during fuzzing and</p><p>adjusting exploration intensity accordingly. Third, we propose an input</p><p>prioritization scheme that jointly considers target proximity and path</p><p>diversity.</p><p>&nbsp;</p><p>Overall, this thesis highlights the importance of diversity-oriented guidance in</p><p>directed fuzzing and identifies a key trade-off: aggressively pursuing the</p><p>target may yield faster hits, but at the expense of exploring alternative,</p><p>potentially valuable paths.</p><p>&nbsp;</p><p>&nbsp;</p><p>&nbsp;</p>]]></body>
  <field_summary_sentence>
    <item>
      <value><![CDATA[Targeted Path Exploration for Directed Fuzzing]]></value>
    </item>
  </field_summary_sentence>
  <field_summary>
    <item>
      <value><![CDATA[<p>Targeted Path Exploration for Directed Fuzzing</p>]]></value>
    </item>
  </field_summary>
  <field_time>
    <item>
      <value><![CDATA[2025-05-21T10:00:00-04:00]]></value>
      <value2><![CDATA[2025-05-21T12:00:00-04:00]]></value2>
      <rrule><![CDATA[]]></rrule>
      <timezone><![CDATA[America/New_York]]></timezone>
    </item>
  </field_time>
  <field_fee>
    <item>
      <value><![CDATA[]]></value>
    </item>
  </field_fee>
  <field_extras>
      </field_extras>
  <field_audience>
          <item>
        <value><![CDATA[Public]]></value>
      </item>
      </field_audience>
  <field_media>
      </field_media>
  <field_contact>
    <item>
      <value><![CDATA[]]></value>
    </item>
  </field_contact>
  <field_location>
    <item>
      <value><![CDATA[(hybrid) CODA 0903 Ansley, and Zoom ]]></value>
    </item>
  </field_location>
  <field_sidebar>
    <item>
      <value><![CDATA[]]></value>
    </item>
  </field_sidebar>
  <field_phone>
    <item>
      <value><![CDATA[]]></value>
    </item>
  </field_phone>
  <field_url>
    <item>
      <url><![CDATA[]]></url>
      <title><![CDATA[]]></title>
            <attributes><![CDATA[]]></attributes>
    </item>
  </field_url>
  <field_email>
    <item>
      <email><![CDATA[]]></email>
    </item>
  </field_email>
  <field_boilerplate>
    <item>
      <nid><![CDATA[]]></nid>
    </item>
  </field_boilerplate>
  <links_related>
      </links_related>
  <files>
      </files>
  <og_groups>
          <item>221981</item>
      </og_groups>
  <og_groups_both>
          <item><![CDATA[Graduate Studies]]></item>
      </og_groups_both>
  <field_categories>
          <item>
        <tid>1788</tid>
        <value><![CDATA[Other/Miscellaneous]]></value>
      </item>
      </field_categories>
  <field_keywords>
          <item>
        <tid>100811</tid>
        <value><![CDATA[Phd Defense]]></value>
      </item>
      </field_keywords>
  <field_userdata><![CDATA[]]></field_userdata>
</node>
