English
Related papers

Related papers: Angora: Efficient Fuzzing by Principled Search

200 papers

Greybox fuzzing is one of the most useful and effective techniques for the bug detection in large scale application programs. It uses minimal amount of instrumentation. American Fuzzy Lop (AFL) is a popular coverage based evolutionary…

Artificial Intelligence · Computer Science 2018-06-12 Ketan Patil , Aditya Kanade

Deep learning (DL) libraries are widely used in critical applications, where even subtle silent bugs can lead to serious consequences. While existing DL fuzzing techniques have made progress in detecting crashes, they inherently struggle to…

Software Engineering · Computer Science 2026-03-02 Kunpeng Zhang , Dongwei Xiao , Daoyuan Wu , Shuai Wang , Jiali Zhao , Yuanyi Lin , Tongtong Xu , Shaohua Wang

The rapidly developing deep learning (DL) techniques have been applied in software systems with various application scenarios. However, they could also pose new safety threats with potentially serious consequences, especially in…

Software Engineering · Computer Science 2024-05-14 Pin Ji , Yang Feng , Duo Wu , Lingyue Yan , Pengling Chen , Jia Liu , Zhihong Zhao

While fuzzing is widely accepted as an efficient program testing technique, it is still unclear how to measure the comparative quality of different fuzzers. The current de facto quality metrics are edge coverage and the number of discovered…

Software Engineering · Computer Science 2024-09-24 Gwangmu Lee

Mutation testing can help minimize the delivery of faulty software. Therefore, it is a recommended practice for developing embedded software in safety-critical cyber-physical systems (CPS). However, state-of-the-art mutation testing…

Software Engineering · Computer Science 2025-07-04 Jaekwon Lee , Fabrizio Pastore , Lionel Briand

Fuzzing is one of the most effective technique to identify potential software vulnerabilities. Most of the fuzzers aim to improve the code coverage, and there is lack of directedness (e.g., fuzz the specified path in a software). In this…

Cryptography and Security · Computer Science 2020-10-26 Xiaogang Zhu , Shigang Liu , Xian Li , Sheng Wen , Jun Zhang , Camtepe Seyit , Yang Xiang

Fuzzing is an increasingly popular technique for verifying software functionalities and finding security vulnerabilities. However, current mutation-based fuzzers cannot effectively test database management systems (DBMSs), which strictly…

Cryptography and Security · Computer Science 2020-06-04 Rui Zhong , Yongheng Chen , Hong Hu , Hangfan Zhang , Wenke Lee , Dinghao Wu

Deep Learning (DL) library bugs affect downstream DL applications, emphasizing the need for reliable systems. Generating valid input programs for fuzzing DL libraries is challenging due to the need for satisfying both language…

Software Engineering · Computer Science 2023-04-05 Yinlin Deng , Chunqiu Steven Xia , Chenyuan Yang , Shizhuo Dylan Zhang , Shujing Yang , Lingming Zhang

Many protocol implementations are reactive systems, where the protocol process is in continuous interaction with other processes and the environment. If a bug can be exposed only in a certain state, a fuzzer needs to provide a specific…

Cryptography and Security · Computer Science 2023-06-06 Jinsheng Ba , Marcel Böhme , Zahra Mirzamomen , Abhik Roychoudhury

Most software that runs on computers undergoes processing by compilers. Since compilers constitute the fundamental infrastructure of software development, their correctness is paramount. Over the years, researchers have invested in…

Software Engineering · Computer Science 2023-06-19 Haoyang Ma

Correctness and robustness are essential for logic synthesis applications, but they are often only tested with a limited set of benchmarks. Moreover, when the application fails on a large benchmark, the debugging process may be tedious and…

Software Engineering · Computer Science 2022-07-28 Siang-Yun Lee , Heinz Riener , Giovanni De Micheli

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

The rapid development of large language models (LLMs) has revolutionized software testing, particularly fuzz testing, by automating the generation of diverse and effective test inputs. This advancement holds great promise for improving…

Software Engineering · Computer Science 2025-10-14 Linghan Huang , Peizhou Zhao , Huaming Chen

WebAssembly binaries are often compiled from memory-unsafe languages, such as C and C++. Because of WebAssembly's linear memory and missing protection features, e.g., stack canaries, source-level memory vulnerabilities are exploitable in…

Cryptography and Security · Computer Science 2021-11-01 Daniel Lehmann , Martin Toldam Torp , Michael Pradel

As processor designs grow more complex, verification remains bottlenecked by slow software simulation and low-quality random test stimuli. Recent research has applied software fuzzers to hardware verification, but these rely on semantically…

Hardware Architecture · Computer Science 2026-03-05 Juncheng Huo , Yunfan Gao , Xinxin Liu , Sa Wang , Yungang Bao , Xitong Gao , Kan Shi

Fuzzing is an automated application vulnerability detection method. For genetic algorithm-based fuzzing, it can mutate the seed files provided by users to obtain a number of inputs, which are then used to test the objective application in…

Cryptography and Security · Computer Science 2019-06-04 Chenyang Lyu , Shouling Ji , Yuwei Li , Junfeng Zhou , Jianhai Chen , Jing Chen

Grey-box fuzzing is the lightweight approach of choice for finding bugs in sequential programs. It provides a balance between efficiency and effectiveness by conducting a biased random search over the domain of program inputs using a…

Software Engineering · Computer Science 2023-08-15 Ruijie Meng , George Pîrlea , Abhik Roychoudhury , Ilya Sergey

Fuzzing is a well-established technique in the software domain to uncover bugs and vulnerabilities. Yet, applications of fuzzing for security vulnerabilities in hardware systems are scarce, as principal reasons are requirements for design…

Cryptography and Security · Computer Science 2024-02-16 Maik Ender , Felix Hahn , Marc Fyrbiak , Amir Moradi , Christof Paar

Bugs in compilers, which are critical infrastructure today, can have outsized negative impacts. Mutational fuzzers aid compiler bug detection by systematically mutating compiler inputs, i.e., programs. Their effectiveness depends on the…

Software Engineering · Computer Science 2025-10-10 Lingjun Liu , Feiran Qin , Owolabi Legunsen , Marcelo d'Amorim

In recent years, REST API fuzzing has emerged to explore errors on a cloud service. Its performance highly depends on the sequence construction and request generation. However, existing REST API fuzzers have trouble generating long…

Cryptography and Security · Computer Science 2023-03-07 Chenyang Lyu , Jiacheng Xu , Shouling Ji , Xuhong Zhang , Qinying Wang , Binbin Zhao , Gaoning Pan , Wei Cao , Raheem Beyah