English
Related papers

Related papers: ConFuzzius: A Data Dependency-Aware Hybrid Fuzzer …

200 papers

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

In the past few years, several attacks against the vulnerabilities of EOSIO smart contracts have caused severe financial losses to this prevalent blockchain platform. As a lightweight test-generation approach, grey-box fuzzing can open up…

Cryptography and Security · Computer Science 2022-11-07 Jianfei Zhou , Tianxing Jiang , Shuwei Song , Ting Chen

Solidity compiler plays a key role in enabling the development of smart contract applications on Ethereum by governing the syntax of a domain-specific language called Solidity and performing compilation and optimization of Solidity code.…

Software Engineering · Computer Science 2024-08-12 Haoyang Ma , Wuqi Zhang , Qingchao Shen , Yongqiang Tian , Junjie Chen , Shing-Chi Cheung

Ethereum is a distributed, peer-to-peer blockchain infrastructure that has attracted billions of dollars. Perhaps due to its success, Ethereum has become a target for various kinds of attacks, motivating researchers to explore different…

Cryptography and Security · Computer Science 2024-09-04 Ismael Medeiros , Fausto Carvalho , Alexandre Ferreira , Rodrigo Bonifácio , Fabiano Cavalcanti Fernandes

Hybrid testing combines fuzz testing and concolic execution. It leverages fuzz testing to test easy-to-reach code regions and uses concolic execution to explore code blocks guarded by complex branch conditions. However, its code…

Software Engineering · Computer Science 2019-06-19 Yaohui Chen , Peng Li , Jun Xu , Shengjian Guo , Rundong Zhou , Yulong Zhang , Taowei , Long Lu

Seed scheduling is a prominent factor in determining the yields of hybrid fuzzing. Existing hybrid fuzzers schedule seeds based on fixed heuristics that aim to predict input utilities. However, such heuristics are not generalizable as there…

Cryptography and Security · Computer Science 2020-07-23 Yaohui Chen , Mansour Ahmadi , Reza Mirzazade farkhani , Boyu Wang , Long Lu

Recent research has shown that hardware fuzzers can effectively detect security vulnerabilities in modern processors. However, existing hardware fuzzers do not fuzz well the hard-to-reach design spaces. Consequently, these fuzzers cannot…

Cryptography and Security · Computer Science 2023-06-27 Chen Chen , Rahul Kande , Nathan Nguyen , Flemming Andersen , Aakash Tyagi , Ahmad-Reza Sadeghi , Jeyavijayan Rajendran

Collaborative fuzzing combines multiple individual fuzzers and dynamically chooses appropriate combinations for different programs. Unlike individual fuzzers that rely on specific assumptions, collaborative fuzzing relaxes assumptions on…

Cryptography and Security · Computer Science 2025-07-23 Wenxuan Shi , Hongwei Li , Jiahao Yu , Xinqian Sun , Wenbo Guo , Xinyu Xing

Firmware serves as the critical interface between hardware and software in computing systems, making any bugs or vulnerabilities particularly dangerous as they can cause catastrophic system failures. While fuzzing is a promising approach…

Cryptography and Security · Computer Science 2026-02-03 Dakshina Tharindu , Aruna Jayasena , Prabhat Mishra

Fuzzing is one of the prevailing methods for vulnerability detection. However, even state-of-the-art fuzzing methods become ineffective after some period of time, i.e., the coverage hardly improves as existing methods are ineffective to…

Cryptography and Security · Computer Science 2021-12-15 Shunkai Zhu , Jingyi Wang , Jun Sun , Jie Yang , Xingwei Lin , Liyi Zhang , Peng Cheng

GPUs have gained significant popularity over the past decade, extending beyond their original role in graphics rendering. This evolution has brought GPU security and reliability to the forefront of concerns. Prior research has shown that…

Cryptography and Security · Computer Science 2026-01-06 Saurabh Singh , Ruobing Han , Jaewon Lee , Seonjin Na , Yonghae Kim , Taesoo Kim , Hyesoon Kim

Smart contracts play a pivotal role in blockchain ecosystems, and fuzzing remains an important approach to securing smart contracts. Even though mutation scheduling is a key factor influencing fuzzing effectiveness, existing fuzzers have…

Software Engineering · Computer Science 2025-07-17 Keke Gai , Haochen Liang , Jing Yu , Liehuang Zhu , Dusit Niyato

Smart contracts extended blockchain functionality beyond simple transactions, powering complex applications like decentralized finance (DeFi). However, this complexity introduces serious security challenges, including price manipulation and…

Cryptography and Security · Computer Science 2026-04-21 Bowen Cai , Weiheng Bai , Hangyun Tang , Youshui Lu , Kangjie Lu

Fuzzing has become the de facto standard technique for finding software vulnerabilities. However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger software bugs. Most popular fuzzers use evolutionary guidance…

Cryptography and Security · Computer Science 2019-07-16 Dongdong She , Kexin Pei , Dave Epstein , Junfeng Yang , Baishakhi Ray , Suman Jana

Fuzzing has gained in popularity for software vulnerability detection by virtue of the tremendous effort to develop a diverse set of fuzzers. Thanks to various fuzzing techniques, most of the fuzzers have been able to demonstrate great…

Cryptography and Security · Computer Science 2023-02-28 Yu-Fu Fu , Jaehyuk Lee , Taesoo Kim

Smart contracts, self-executing agreements directly encoded in code, are fundamental to blockchain technology, especially in decentralized finance (DeFi) and Web3. However, the rise of Ponzi schemes in smart contracts poses significant…

Cryptography and Security · Computer Science 2024-12-19 Cong Wu , Jing Chen , Ziwei Wang , Ruichao Liang , Ruiying Du

Billions of dollars are transacted through smart contracts, making vulnerabilities a major financial risk. One focus in the security arms race is on profitable vulnerabilities that attackers can exploit. Fuzzing is a key method for…

Cryptography and Security · Computer Science 2025-02-13 Ziqiao Kong , Cen Zhang , Maoyi Xie , Ming Hu , Yue Xue , Ye Liu , Haijun Wang , Yang Liu

Fuzzing has become a commonly used approach to identifying bugs in complex, real-world programs. However, interpreters are notoriously difficult to fuzz effectively, as they expect highly structured inputs, which are rarely produced by most…

Cryptography and Security · Computer Science 2023-04-06 Christopher Salls , Chani Jindal , Jake Corina , Christopher Kruegel , Giovanni Vigna

Fuzz testing has been used to find bugs in programs since the 1990s, but despite decades of dedicated research, there is still no consensus on which fuzzing techniques work best. One reason for this is the paucity of ground truth: bugs in…

Cryptography and Security · Computer Science 2022-08-24 Joshua Bundt , Andrew Fasano , Brendan Dolan-Gavitt , William Robertson , Tim Leek

Recent efforts in practical symbolic execution have successfully mitigated the path-explosion problem to some extent with search-based heuristics and compositional approaches. Similarly, due to an increase in the performance of cheap…

Software Engineering · Computer Science 2017-12-20 Saahil Ognawala , Ana Petrovska , Kristian Beckers