English
Related papers

Related papers: Optimizing seed inputs in fuzzing with machine lea…

200 papers

This paper presents a coverage-guided grammar-based fuzzing technique for automatically generating a corpus of concise test inputs for programs such as compilers. We walk-through a case study of a compiler designed for education and the…

Software Engineering · Computer Science 2021-03-09 Vasudev Vikram , Rohan Padhye , Koushik Sen

Network attacks have become a major security concern for organizations worldwide and have also drawn attention in the academics. Recently, researchers have applied neural networks to detect network attacks with network logs. However, public…

Cryptography and Security · Computer Science 2020-12-24 Qingtian Zou , Anoop Singhal , Xiaoyan Sun , Peng Liu

In the testing-retraining pipeline for enhancing the robustness property of deep learning (DL) models, many state-of-the-art robustness-oriented fuzzing techniques are metric-oriented. The pipeline generates adversarial examples as test…

Software Engineering · Computer Science 2024-07-18 Haipeng Wang , Zhengyuan Wei , Qilin Zhou , Wing-Kwong Chan

Software fuzzing mutates bytes in the test seeds to explore different behaviors of the program under test. Initial seeds can have great impact on the performance of a fuzzing campaign. Mutating a lot of uninteresting bytes in a large seed…

Software Engineering · Computer Science 2021-12-28 Aftab Hussain , Mohammad Amin Alipour

The importance of addressing security vulnerabilities is indisputable, with software becoming crucial in sectors such as national defense and finance. Consequently, The security issues caused by software vulnerabilities cannot be ignored.…

Cryptography and Security · Computer Science 2024-01-31 Liqun Yang , Chunan Li , Yongxin Qiu , Chaoren Wei , Jian Yang , Hongcheng Guo , Jinxin Ma , Zhoujun Li

Coverage-based greybox fuzzing (CGF) has been approved to be effective in finding security vulnerabilities. Seed scheduling, the process of selecting an input as the seed from the seed pool for the next fuzzing iteration, plays a central…

Software Engineering · Computer Science 2022-06-16 Yiru Zhao , Xiaoke Wang , Lei Zhao , Yueqiang Cheng , Heng Yin

Fuzz testing is crucial for identifying software vulnerabilities, with coverage-guided grey-box fuzzers like AFL and Angora excelling in broad detection. However, as the need for targeted detection grows, directed grey-box fuzzing (DGF) has…

Software Engineering · Computer Science 2024-09-24 Yijiang Xu , Hongrui Jia , Liguo Chen , Xin Wang , Zhengran Zeng , Yidong Wang , Qing Gao , Jindong Wang , Wei Ye , Shikun Zhang , Zhonghai Wu

Machine learning (ML)-based malware detection systems are becoming increasingly important as malware threats increase and get more sophisticated. PDF files are often used as vectors for phishing attacks because they are widely regarded as…

Cryptography and Security · Computer Science 2023-08-11 Ran Liu , Charles Nicholas

Literature in traditional program fuzzing has confirmed that effectiveness is largely impacted by redundancy among initial seeds, thereby proposing a series of seed selection methods. JVM fuzzing, compared to traditional ones, presents…

Software Engineering · Computer Science 2024-08-19 Tianchang Gao , Junjie Chen , Dong Wang , Yile Guo , Yingquan Zhao , Zan Wang

Seed scheduling, the order in which seeds are selected, can greatly affect the performance of a fuzzer. Existing approaches schedule seeds based on their historical mutation data, but ignore the structure of the underlying Control Flow…

Cryptography and Security · Computer Science 2022-03-25 Dongdong She , Abhishek Shah , Suman Jana

Coverage-guided Greybox Fuzzing (CGF) is one of the most successful and widely-used techniques for bug hunting. Two major approaches are adopted to optimize CGF: (i) to reduce search space of inputs by inferring relationships between input…

Cryptography and Security · Computer Science 2022-01-13 Kunpeng Zhang , Xi Xiao , Xiaogang Zhu , Ruoxi Sun , Minhui Xue , Sheng Wen

Semantic understanding of programs has attracted great attention in the community. Inspired by recent successes of large language models (LLMs) in natural language understanding, tremendous progress has been made by treating programming…

Machine Learning · Computer Science 2023-06-13 Jianyu Zhao , Yuyang Rong , Yiwen Guo , Yifeng He , Hao Chen

Starting with a random initial seed, fuzzers search for inputs that trigger bugs or vulnerabilities. However, fuzzers often fail to generate inputs for program paths guarded by restrictive branch conditions. In this paper, we show that by…

Software Engineering · Computer Science 2022-12-20 Seemanta Saha , Laboni Sarker , Md Shafiuzzaman , Chaofan Shou , Albert Li , Ganesh Sankaran , Tevfik Bultan

We present a new regression model for the determination of parton distribution functions (PDF) using techniques inspired from deep learning projects. In the context of the NNPDF methodology, we implement a new efficient computing framework…

High Energy Physics - Phenomenology · Physics 2019-09-04 Stefano Carrazza , Juan Cruz-Martinez

Fuzz testing, or "fuzzing," refers to a widely deployed class of techniques for testing programs by generating a set of inputs for the express purpose of finding bugs and identifying security flaws. Grey-box fuzzing, the most popular…

Artificial Intelligence · Computer Science 2018-08-28 Siddharth Karamcheti , Gideon Mann , David Rosenberg

Generation-based fuzzing is a software testing approach which is able to discover different types of bugs and vulnerabilities in software. It is, however, known to be very time consuming to design and fine tune classical fuzzers to achieve…

Cryptography and Security · Computer Science 2019-01-25 Martin Sablotny , Bjørn Sand Jensen , Chris W. Johnson

Fuzzing is an automated software testing technique broadly adopted by the industry. A popular variant is mutation-based fuzzing, which discovers a large number of bugs in practice. While the research community has studied mutation-based…

Software Engineering · Computer Science 2022-10-24 Patrick Jauernig , Domagoj Jakobovic , Stjepan Picek , Emmanuel Stapf , Ahmad-Reza Sadeghi

Bounded model checking (BMC) and fuzzing techniques are among the most effective methods for detecting errors and security vulnerabilities in software. However, there are still shortcomings in detecting these errors due to the inability of…

Software Engineering · Computer Science 2024-04-19 Kaled M. Alshmrany , Mohannad Aldughaim , Ahmed Bhayat , Lucas C. Cordeiro

Grammar-based fuzzing is a technique used to find software vulnerabilities by injecting well-formed inputs generated following rules that encode application semantics. Most grammar-based fuzzers for network protocols rely on human experts…

Cryptography and Security · Computer Science 2021-01-26 Samuel Jero , Maria Leonor Pacheco , Dan Goldwasser , Cristina Nita-Rotaru

Fuzzing has become a widely adopted technique for vulnerability discovery, yet it remains ineffective for structured-input programs due to strict syntactic constraints and limited semantic awareness. Traditional greybox fuzzers rely on…

Cryptography and Security · Computer Science 2026-04-21 Yihao Zou , Tianming Zheng , Futai Zou , Yue Wu