English
Related papers

Related papers: SmartSeed: Smart Seed Generation for Efficient Fuz…

200 papers

Fuzzing is an automated software testing technique broadly adopted by the industry. A popular variant is mutation-based fuzzing, which discovers a large number of bugs in practice. While the research community has studied mutation-based…

Software Engineering · Computer Science 2022-10-24 Patrick Jauernig , Domagoj Jakobovic , Stjepan Picek , Emmanuel Stapf , Ahmad-Reza Sadeghi

Large Language Models (LLMs) have gained widespread use in various applications due to their powerful capability to generate human-like text. However, prompt injection attacks, which involve overwriting a model's original instructions with…

Cryptography and Security · Computer Science 2025-04-07 Jiahao Yu , Yangguang Shao , Hanwen Miao , Junzheng Shi

In mutation-based greybox fuzzing, generating high-quality input seeds for the initial corpus is essential for effective fuzzing. Rather than conducting separate phases for generating a large corpus and subsequently minimizing it, we…

Software Engineering · Computer Science 2025-12-29 Hridya Dhulipala , Xiaokai Rong , Aashish Yadavally , Tien N. Nguyen

Fuzzing is a popular bug detection technique achieved by testing software executables with random inputs. This technique can also be extended to libraries by constructing executables that call library APIs, known as fuzz drivers. Automated…

Software Engineering · Computer Science 2023-12-20 Yehong Zhang , Jun Wu , Hui Xu

Fuzzing is utilized for testing software and systems for cybersecurity risk via the automated adaptation of inputs. It facilitates the identification of software bugs and misconfigurations that may create vulnerabilities, cause abnormal…

Cryptography and Security · Computer Science 2023-06-08 Jack Hance , Jeremy Straub

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past decade. After AFL popularized the groundbreaking concept of lightweight coverage feedback, the field of fuzzing has seen a vast amount of scientific…

Fuzzing has become a commonly used approach to identifying bugs in complex, real-world programs. However, interpreters are notoriously difficult to fuzz effectively, as they expect highly structured inputs, which are rarely produced by most…

Cryptography and Security · Computer Science 2023-04-06 Christopher Salls , Chani Jindal , Jake Corina , Christopher Kruegel , Giovanni Vigna

Fuzz testing to find semantic control vulnerabilities is an essential activity to evaluate the robustness of autonomous driving (AD) software. Whilst there is a preponderance of disparate fuzzing tools that target different parts of the…

Cryptography and Security · Computer Science 2025-04-16 Andrew Roberts , Lorenz Teply , Mert D. Pese , Olaf Maennel , Mohammad Hamad , Sebastian Steinhorst

Mutation-based fuzzing is popular and effective in discovering unseen code and exposing bugs. However, only a few studies have concentrated on quantifying the importance of input bytes, which refers to the degree to which a byte contributes…

Cryptography and Security · Computer Science 2023-10-24 Kunpeng Zhang , Xiaogang Zhu , Xi Xiao , Minhui Xue , Chao Zhang , Sheng Wen

In recent years, coverage-based greybox fuzzing has proven itself to be one of the most effective techniques for finding security bugs in practice. Particularly, American Fuzzy Lop (AFL for short) is deemed to be a great success in fuzzing…

Cryptography and Security · Computer Science 2019-01-24 Junjie Wang , Bihuan Chen , Lei Wei , Yang Liu

Fuzzing is an effective technique for discovering software vulnerabilities by generating random test inputs and executing them against the target program. However, fuzzing large and complex programs remains challenging due to difficulties…

Cryptography and Security · Computer Science 2024-06-10 Dongdong She , Adam Storek , Yuchong Xie , Seoyoung Kweon , Prashast Srivastava , Suman Jana

A fuzzer provides randomly generated inputs to a targeted software to expose erroneous behavior. To efficiently detect defects, generated inputs should conform to the structure of the input format and thus, grammars can be used to generate…

Software Engineering · Computer Science 2020-08-05 Martin Eberlein , Yannic Noller , Thomas Vogel , Lars Grunske

Network attacks have become a major security concern for organizations worldwide and have also drawn attention in the academics. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public…

Cryptography and Security · Computer Science 2020-12-24 Qingtian Zou , Anoop Singhal , Xiaoyan Sun , Peng Liu

Fuzz testing has become a cornerstone technique for identifying software bugs and security vulnerabilities, with broad adoption in both industry and open-source communities. Directly fuzzing a function requires fuzz drivers, which translate…

Software Engineering · Computer Science 2025-10-03 Paschal C. Amusuo , Dongge Liu , Ricardo Andres Calvo Mendez , Jonathan Metzman , Oliver Chang , James C. Davis

Fuzz testing is crucial for identifying software vulnerabilities, with coverage-guided grey-box fuzzers like AFL and Angora excelling in broad detection. However, as the need for targeted detection grows, directed grey-box fuzzing (DGF) has…

Software Engineering · Computer Science 2024-09-24 Yijiang Xu , Hongrui Jia , Liguo Chen , Xin Wang , Zhengran Zeng , Yidong Wang , Qing Gao , Jindong Wang , Wei Ye , Shikun Zhang , Zhonghai Wu

Smart contracts are susceptible to critical vulnerabilities. Hybrid dynamic analyses, such as concolic execution assisted fuzzing and foundation model assisted fuzzing, have emerged as highly effective testing techniques for smart contract…

Software Engineering · Computer Science 2024-09-10 Sally Junsong Wang , Jianan Yao , Kexin Pei , Hidedaki Takahashi , Junfeng Yang

Guided fuzzing has, in recent years, been able to uncover many new vulnerabilities in real-world software due to its fast input mutation strategies guided by path-coverage. However, most fuzzers are unable to achieve high coverage in deeper…

Software Engineering · Computer Science 2019-10-14 Saahil Ognawala , Fabian Kilger , Alexander Pretschner

Hardware security vulnerabilities in computing systems compromise the security defenses of not only the hardware but also the software running on it. Recent research has shown that hardware fuzzing is a promising technique to efficiently…

Cryptography and Security · Computer Science 2023-08-22 Chen Chen , Vasudev Gohil , Rahul Kande , Ahmad-Reza Sadeghi , Jeyavijayan Rajendran

Kernel fuzzing is important for finding critical kernel vulnerabilities. Close-source (e.g., Windows) operating system kernel fuzzing is even more challenging due to the lack of source code. Existing approaches fuzz the kernel by modeling…

Cryptography and Security · Computer Science 2023-08-09 Zian Liu , Chao Chen , Muhammad Ejaz Ahmed , Jun Zhang , Dongxi Liu