Security companies and researchers usually employ fuzzing techniques to find hidden bugs in programs. They collect millions of sample files and test target programs by randomly mutating the samples' bytes. However, this wastes a lot of time and computation resources because the programs mostly repeat the same paths with these samples. In this paper, we design a flexible and efficient method to calculate the minimum set of sample files, refining the original samples while achieving the same code coverage.
In addition, we propose a method to monitor target programs during fuzzing, ensuring that fuzzing does not work in vain. Our methods have two properties: 1) minimizing the sample set for fast fuzzing and 2) monitoring the fuzzing process to make proper adjustments. We have evaluated our methods with several real-world programs, and the results show that our fuzzing system is capable of detecting vulnerabilities in a shorter time.
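Reducing a sample set while keeping the same code coverage can be treated as a set-cover problem. The Python code below is an added example, not the paper's algorithm (which the abstract does not specify): it applies the standard greedy set-cover approximation to constructed coverage data. The sample names, file sizes, block ids and the smaller-file tie-break are assumptions.

```python
# Added example: greedy corpus minimization (set-cover approximation).
# The data is constructed; real coverage sets would come from tracing each
# sample through an instrumented build of the target program.

# sample name -> (file size in bytes, set of basic-block ids it reaches)
SAMPLES = {
    "a.pdf": (1200, {1, 2, 3, 4}),
    "b.pdf": (400, {3, 4}),        # fully covered by a.pdf
    "c.pdf": (900, {4, 5, 6}),
    "d.pdf": (350, {1, 2}),        # fully covered by a.pdf
    "e.pdf": (300, {6, 7}),
}


def total_coverage(samples, names=None):
    """Union of covered blocks for the given sample names (default: all)."""
    names = samples.keys() if names is None else names
    return set().union(*(samples[n][1] for n in names))


def minimize_corpus(samples):
    """Pick samples until their union equals the coverage of the full set.

    Each round keeps the sample that adds the most not-yet-covered blocks;
    ties go to the smaller file (less data to mutate and parse), then to
    the lexicographically first name so the result is deterministic.
    The result is an approximation, not a guaranteed minimum.
    """
    remaining = total_coverage(samples)
    candidates = dict(samples)
    kept = []
    while remaining:
        best = max(
            sorted(candidates),
            key=lambda n: (len(candidates[n][1] & remaining), -candidates[n][0]),
        )
        remaining -= candidates[best][1]
        kept.append(best)
        del candidates[best]
    return kept


if __name__ == "__main__":
    kept = minimize_corpus(SAMPLES)
    print("kept:", kept)
    print("dropped:", sorted(set(SAMPLES) - set(kept)))
    print("coverage preserved:", total_coverage(SAMPLES, kept) == total_coverage(SAMPLES))
```
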