BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Ä¢¹½ÊÓÆµ//NONSGML v1.0//EN NAME:PhD defence E. Geretto METHOD:PUBLISH BEGIN:VEVENT DTSTART:20250520T154500 DTEND:20250520T171500 DTSTAMP:20250520T154500 UID:2025/phd-defence-e-geretto@8F96275E-9F55-4B3F-A143-836282E12573 CREATED:20250502T074851 LOCATION:(1st floor) Auditorium, Main building De Boelelaan 1105 1081 HV Amsterdam SUMMARY:PhD defence E. Geretto X-ALT-DESC;FMTTYPE=text/html:
Accelerating Modern Greybox Fuzzers
Computer scientist Elia Geretto optimised an important tool that helps secure software.
Programmes have vulnerabilities that can be used by an attacker to gain control over the computers they run on. These are often simple mistakes that programmers have made when writing code. To eliminate them, security experts review and test code to find and fix vulnerabilities. Experts often use tools that can partially automate this process, allowing them to explore more code with less effort.
Fuzzers
Computer scientist Elia Geretto's research focuses on improving fuzzers, one such tool. Specifically, it makes them faster. The core principle of a fuzzer is to give random input to a program and see how it behaves. The speed of such a fuzzer is a very important property, since a faster fuzzer can generate more random input and thus test the program more thoroughly.
The main conclusion Geretto can draw from his research is that the optimisations he proposes for three specific types of fuzzers, namely snapshot fuzzers, hybrid fuzzers and targeted fuzzers, increase their speed. Furthermore, he has shown that the achieved speed increases result in fuzzers that can explore programmes more thoroughly. Finally, he shows that building fast fuzzers also helps to draw appropriate conclusions when evaluating other optimisations, because their effect varies with speed.
Phones and laptops
Geretto's research is important for security researchers. His optimisations are all publicly available online and can be integrated into existing fuzzers to make them faster. These improved fuzzers will help security researchers to evaluate code more thoroughly and thus reduce the number of vulnerabilities in released software.
Furthermore, fewer vulnerabilities in software means that the findings also have an impact on general users. Both the devices we use every day, such as phones and laptops, and the servers in the cloud that manage our data will become more secure.
Geretto's research can be roughly divided into four steps: first, he designed an optimisation that he thought could improve the speed of an existing fuzzer. Next, he implemented the optimisation by writing code to modify that existing fuzzer. Then, he performed experiments to compare the performance of the fuzzer with and without the optimisation. Finally, he analysed the collected data using statistical methods to prove that his optimisation did indeed improve the performance of the fuzzer.
More information on the