Practical Anti-Fuzzing Techniques With Performance Optimization

Abstract

Fuzzing, an automated software testing technique, has achieved remarkable success in recent years, aiding developers in identifying vulnerabilities. However, fuzzing can also be exploited by attackers to discover zero-day vulnerabilities. To counter this threat, researchers have proposed anti-fuzzing techniques, which aim to impede the fuzzing process by slowing the program down, providing misleading coverage feedback, and complicating data flow, etc. Unfortunately, current anti-fuzzing approaches primarily focus on enhancing defensive capabilities while underestimating the associated overhead and manual efforts required. In our paper, we present No-Fuzz, an efficient and practical anti-fuzzing technique. No-Fuzz stands out in binary-only fuzzing by accurately determining running environments, effectively reducing unnecessary fake block overhead, and replacing resource-intensive functions with lightweight arithmetic operations in anti-hybrid techniques. We have implemented a prototype of No-Fuzz and conducted evaluations to compare its performance against existing approaches. Our evaluations demonstrate that No-Fuzz introduces minimal performance overhead, accounting for less than 10% of the storage cost for a single fake block. Moreover, it achieves a significant 92.2% reduction in total storage costs compared to prior works for an equivalent number of branch reductions. By emphasizing practicality, our study sheds light on improving anti-fuzzing techniques for real-world deployment.