Fuzz testing is a fundamental technique for identifying vulnerabilities in software systems. However, the process can be protracted and resource-intensive, especially on large codebases. In this work, I present FuzzDistill, an approach that harnesses compile-time data and machine learning to refine the choice of fuzzing targets. By analyzing compile-time information such as function call graph features, loop information, and memory operations, FuzzDistill identifies high-priority areas of the codebase that are more likely to contain vulnerabilities. I demonstrate the efficacy of the approach through experiments on real-world software, showing substantial reductions in testing time.
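To make the pipeline the abstract sketches concrete, here is an added illustration (not FuzzDistill's own code): it derives per-function features from a constructed compile-time program summary (call graph, loop count, memory-operation count) and ranks functions as fuzzing targets. The linear weights stand in for the trained model and are an assumption; real feature values would come from the compiler pass.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass
class FunctionStats:
    """Per-function facts a compiler pass can record (constructed sample)."""
    name: str
    loops: int          # number of natural loops in the function
    mem_ops: int        # loads/stores/memcpy-like operations
    callees: list = field(default_factory=list)


# Constructed toy program summary; `checksum` is deliberately unreachable.
PROGRAM = [
    FunctionStats("main", loops=1, mem_ops=2, callees=["parse_header", "log_msg"]),
    FunctionStats("parse_header", loops=2, mem_ops=9, callees=["copy_field", "log_msg"]),
    FunctionStats("copy_field", loops=1, mem_ops=12),
    FunctionStats("log_msg", loops=0, mem_ops=1),
    FunctionStats("checksum", loops=1, mem_ops=3),
]


def extract_features(program, entry="main"):
    """Compute call-graph features: fan-in, fan-out, and depth from the entry point."""
    by_name = {f.name: f for f in program}
    fan_in = {f.name: 0 for f in program}
    for f in program:
        for callee in f.callees:
            fan_in[callee] += 1
    depth = {entry: 0}                      # BFS distance from the harness entry
    queue = deque([entry])
    while queue:
        cur = queue.popleft()
        for callee in by_name[cur].callees:
            if callee not in depth:
                depth[callee] = depth[cur] + 1
                queue.append(callee)
    return {f.name: {"fan_in": fan_in[f.name], "fan_out": len(f.callees),
                     "loops": f.loops, "mem_ops": f.mem_ops,
                     "reachable": f.name in depth, "depth": depth.get(f.name, -1)}
            for f in program}


def rank_targets(feats, weights=None):
    """Order reachable functions by an assumed linear score (stand-in for the ML model)."""
    w = weights or {"mem_ops": 1.0, "loops": 2.0, "fan_in": 0.5, "fan_out": 0.25}
    scored = [(round(sum(w[k] * f[k] for k in w), 2), name)
              for name, f in feats.items() if f["reachable"]]   # skip unreachable code
    return [name for _, name in sorted(scored, reverse=True)]
```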