English
Related papers

Related papers: Legion: Best-First Concolic Testing

200 papers

Mutation-based fuzzing typically uses an initial set of non-crashing seed inputs (a corpus) from which to generate new inputs by mutation. A corpus of potential seeds will often contain thousands of similar inputs. This lack of diversity…

Cryptography and Security · Computer Science 2020-09-22 Adrian Herrera , Hendra Gunadi , Liam Hayes , Shane Magrath , Felix Friedlander , Maggi Sebastian , Michael Norrish , Antony L. Hosking

Fuzzing, a widely-used technique for bug detection, has seen advancements through Large Language Models (LLMs). Despite their potential, LLMs face specific challenges in fuzzing. In this paper, we identified five major challenges of…

Software Engineering · Computer Science 2024-04-26 Yu Jiang , Jie Liang , Fuchen Ma , Yuanliang Chen , Chijin Zhou , Yuheng Shen , Zhiyong Wu , Jingzhou Fu , Mingzhe Wang , ShanShan Li , Quan Zhang

Monte-Carlo planning and Reinforcement Learning (RL) are essential to sequential decision making. The recent AlphaGo and AlphaZero algorithms have shown how to successfully combine these two paradigms in order to solve large scale…

Machine Learning · Computer Science 2021-02-17 Tuan Dam , Carlo D'Eramo , Jan Peters , Joni Pajarinen

How can we perform concolic execution to generate highly structured test inputs for systematically testing parsing programs? Existing concolic execution engines are significantly restricted by (1) input structure-agnostic path constraint…

Software Engineering · Computer Science 2025-10-15 Haoxin Tu , Seongmin Lee , Yuxian Li , Peng Chen , Lingxiao Jiang , Marcel Böhme

Security vulnerabilities play a vital role in network security system. Fuzzing technology is widely used as a vulnerability discovery technology to reduce damage in advance. However, traditional fuzzing techniques have many challenges, such…

Cryptography and Security · Computer Science 2020-08-20 Yan Wang , Peng Jia , Luping Liu , Jiayong Liu

We improve the performance of the American Fuzzy Lop (AFL) fuzz testing framework by using Generative Adversarial Network (GAN) models to reinitialize the system with novel seed files. We assess performance based on the temporal rate at…

Artificial Intelligence · Computer Science 2017-11-09 Nicole Nichols , Mark Raugas , Robert Jasper , Nathan Hilliard

While fuzzing is widely accepted as an efficient program testing technique, it is still unclear how to measure the comparative quality of different fuzzers. The current de facto quality metrics are edge coverage and the number of discovered…

Software Engineering · Computer Science 2024-09-24 Gwangmu Lee

Fuzzing is a widely used software security testing technique that is designed to identify vulnerabilities in systems by providing invalid or unexpected input. Continuous fuzzing systems like OSS-FUZZ have been successful in finding security…

Cryptography and Security · Computer Science 2023-07-04 Chaitanya Rahalkar

The increasing inclusion of Deep Learning (DL) models in safety-critical systems such as autonomous vehicles have led to the development of multiple model-based DL testing techniques. One common denominator of these testing techniques is…

Machine Learning · Computer Science 2019-09-09 Houssem Ben Braiek , Foutse khomh

In mutation-based greybox fuzzing, generating high-quality input seeds for the initial corpus is essential for effective fuzzing. Rather than conducting separate phases for generating a large corpus and subsequently minimizing it, we…

Software Engineering · Computer Science 2025-12-29 Hridya Dhulipala , Xiaokai Rong , Aashish Yadavally , Tien N. Nguyen

Greybox fuzzing is one of the most useful and effective techniques for the bug detection in large scale application programs. It uses minimal amount of instrumentation. American Fuzzy Lop (AFL) is a popular coverage based evolutionary…

Artificial Intelligence · Computer Science 2018-06-12 Ketan Patil , Aditya Kanade

In this study, we explore the efficiency of the Monte Carlo Tree Search (MCTS), a prominent decision-making algorithm renowned for its effectiveness in complex decision environments, contingent upon the volume of simulations conducted.…

Artificial Intelligence · Computer Science 2024-03-19 Ye Zhang , Mengran Zhu , Kailin Gui , Jiayue Yu , Yong Hao , Haozhan Sun

Testing configurable systems continues to be challenging and costly. Generation of configurations for testing tends to use either techniques based on semantic sampling (e.g., logical formulas over configuration variables, often called…

Software Engineering · Computer Science 2024-01-17 Tuba Yavuz , Chin Khor , Ken , Bai , Robyn Lutz

Fuzzing is an effective technique for discovering software vulnerabilities by generating random test inputs and executing them against the target program. However, fuzzing large and complex programs remains challenging due to difficulties…

Cryptography and Security · Computer Science 2024-06-10 Dongdong She , Adam Storek , Yuchong Xie , Seoyoung Kweon , Prashast Srivastava , Suman Jana

The weaponization of LLMs for automated malware generation poses an existential threat to conventional detection paradigms. AI-generated malware exhibits polymorphic, metamorphic, and context-aware evasion capabilities that render…

Cryptography and Security · Computer Science 2026-03-11 George Edwards , Mahdi Eslamimehr

Ensuring the correctness of compiler optimizations is critical, but existing fuzzers struggle to test optimizations effectively. First, most fuzzers use optimization pipelines (heuristics-based, fixed sequences of passes) as their harness.…

Software Engineering · Computer Science 2025-12-05 Zitong Zhou , Ben Limpanukorn , Hong Jin Kang , Jiyuan Wang , Yaoxuan Wu , Akos Kiss , Renata Hodovan , Miryung Kim

Monte Carlo tree search (MCTS) has received considerable interest due to its spectacular success in the difficult problem of computer Go and also proved beneficial in a range of other domains. A major issue that has received little…

Machine Learning · Computer Science 2019-05-10 Aurelien Pelissier , Atsuyoshi Nakamura , Koji Tabata

Concolic testing is a promising method for generating test suites for large programs. However, it suffers from the path-explosion problem and often fails to find tests that cover difficult-to-reach parts of programs. In contrast, model…

Logic in Computer Science · Computer Science 2016-08-08 Przemysław Daca , Ashutosh Gupta , Thomas A. Henzinger

Modern fuzzers increasingly use Large Language Models (LLMs) to generate structured inputs, but LLM-driven fuzzing is sensitive to prompt initialization and sampling variance, which can reduce exploration efficiency and lead to redundant…

Cryptography and Security · Computer Science 2026-05-05 Mario Rodríguez Béjar , B. Romera-Paredes , Jose L. Hernández-Ramos

Fuzz testing (fuzzing) is a well-known method for exposing bugs/vulnerabilities in software systems. Popular fuzzers, such as AFL, use a biased random search over the domain of program inputs, where 100s or 1000s of inputs (test cases) are…

Software Engineering · Computer Science 2023-08-02 Yuntong Zhang , Ridwan Shariffdeen , Gregory J. Duck , Jiaqi Tan , Abhik Roychoudhury