Coverage-based Greybox Fuzzing (CGF) is a practical and effective solution for finding bugs and vulnerabilities in software. A key challenge of CGF is how to select conducive seeds and allocate accurate energy. To address this problem, we propose a novel many-objective optimization solution, MooFuzz, which can identify different states of the seed pool and continuously gather different information about seeds to guide seed schedule and energy allocation. First, MooFuzz conducts risk marking in dangerous positions of the source code. Second, it can automatically update the collected information, including the path risk, the path frequency, and the mutation information. Next, MooFuzz classifies seed pool into three states and adopts different objectives to select seeds. Finally, we design an energy recovery mechanism to monitor energy usage in the fuzzing process and reduce energy consumption. We implement our fuzzing framework and evaluate it on seven real-world programs. The experimental results show that MooFuzz outperforms other state-of-the-art fuzzers, including AFL, AFLFast, FairFuzz, and PerfFuzz, in terms of path discovery and bug detection.

中文翻译：

---

MooFuzz：Fuzzer的多目标优化种子计划

基于覆盖率的Greybox Fuzzing（CGF）是一种实用有效的解决方案，用于发现软件中的错误和漏洞。CGF的关键挑战是如何选择有益的种子并分配准确的能量。为了解决这个问题，我们提出了一种新颖的多目标优化解决方案MooFuzz，它可以识别种子库的不同状态，并不断收集有关种子的不同信息，以指导种子进度和能量分配。首先，MooFuzz在源代码的危险位置进行风险标记。其次，它可以自动更新收集的信息，包括路径风险，路径频率和突变信息。接下来，MooFuzz将种子库分为三个状态，并采用不同的目标来选择种子。最后，我们设计了一种能量回收机制，以监控模糊过程中的能源使用情况并减少能耗。我们实施模糊测试框架，并在七个实际程序中对其进行评估。实验结果表明，在路径发现和错误检测方面，MooFuzz优于其他最新的Fuzzer，包括AFL，AFLFast，FairFuzz和PerfFuzz。