As the use of software to control more of the world inexorably increases, so does the importance of having confidence that software cannot easily be subverted by attackers. To provide this assurance, several techniques have been developed. One of the most effective and low-cost is software fuzzing, which randomly and semi-randomly permutes software inputs (e.g. files or network data). The software being tested is monitored for crashes which generally indicate poor code quality and potential security vulnerabilities. Fuzzing generally produces hundreds or thousands of crashes, each a candidate software vulnerability that must be mitigated. Each crashing input needs to be manually evaluated for exploitability and the severity of the vulnerability. The severity of each crash is a valuable metric to helps prioritize limited remediation resources. What if a system could characterize a crash, automatically, in terms of severity This document proposes the initial research into and the development of an advanced exploitability reasoning system.
