Software flaws can be much more than an annoyance: they can also be exploited by attackers to break into a system. As such, finding and fixing these vulnerabilities is essential to ensuring the security of computing systems.
My work has explored various techniques for finding these bugs automatically. In this talk, I will briefly present a method of combining fuzzing and symbolic execution to find software flaws. Then I will discuss how this led me to an investigation of selection strategies in fuzzing. By combining multiple strategies in parallel, we were able to improve on the bug-finding capabilities of state-of-the-art fuzzers. Following this, I will talk about my work on uncooperative patching of security bugs.
Of course, bug-finding techniques need to be explored from multiple angles, not just from the side of fuzzing. The last part of my talk will be a brief discussion of other research directions, such as static analysis, and potential improvements.