English
Related papers

Related papers: MUZZ: Thread-aware Grey-box Fuzzing for Effective …

200 papers

Gray-box fuzzing is widely used for testing embedded systems (ESes). State-of-the-art (SOTA) gray-box fuzzers test ES firmware in fully emulated environments without real peripherals. They emulate missing peripherals to achieve decent code…

Cryptography and Security · Computer Science 2025-04-21 Wei-Lun Huang , Kang G. Shin

Timing vulnerabilities in processors have emerged as a potent threat. As processors are the foundation of any computing system, identifying these flaws is imperative. Recently fuzzing techniques, traditionally used for detecting software…

Fuzzing -- testing programs with random inputs -- has become the prime technique to detect bugs and vulnerabilities in programs. To generate inputs that cover new functionality, fuzzers require execution feedback from the program -- for…

Software Engineering · Computer Science 2020-12-29 Rahul Gopinath , Bachir Bendrissou , Björn Mathis , Andreas Zeller

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

Software fuzzing is a strong testing technique that has become the de facto approach for automated software testing and software vulnerability detection in the industry. The random nature of fuzzing makes monitoring and understanding the…

Software Engineering · Computer Science 2021-12-28 Aftab Hussain , Mohammad Amin Alipour

Fuzzing is an automated application vulnerability detection method. For genetic algorithm-based fuzzing, it can mutate the seed files provided by users to obtain a number of inputs, which are then used to test the objective application in…

Cryptography and Security · Computer Science 2019-06-04 Chenyang Lyu , Shouling Ji , Yuwei Li , Junfeng Zhou , Jianhai Chen , Jing Chen

Fuzzing is a promising technique for detecting security vulnerabilities. Newly developed fuzzers are typically evaluated in terms of the number of bugs found on vulnerable programs/binaries. However,existing corpora usually do not capture…

Software Engineering · Computer Science 2019-05-07 Xiaogang Zhu , Xiaotao Feng , Tengyun Jiao , Sheng Wen , Yang Xiang , Seyit Camtepe , Jingling Xue

Fuzzing has gained in popularity for software vulnerability detection by virtue of the tremendous effort to develop a diverse set of fuzzers. Thanks to various fuzzing techniques, most of the fuzzers have been able to demonstrate great…

Cryptography and Security · Computer Science 2023-02-28 Yu-Fu Fu , Jaehyuk Lee , Taesoo Kim

Security vulnerabilities play a vital role in network security system. Fuzzing technology is widely used as a vulnerability discovery technology to reduce damage in advance. However, traditional fuzzing techniques have many challenges, such…

Cryptography and Security · Computer Science 2020-08-20 Yan Wang , Peng Jia , Luping Liu , Jiayong Liu

Fuzzing is widely used for detecting bugs and vulnerabilities, with various techniques proposed to enhance its effectiveness. To combine the advantages of multiple technologies, researchers proposed ensemble fuzzing, which integrates…

Software Engineering · Computer Science 2025-07-31 Yukai Zhao , Shaohua Wang , Jue Wang , Xing Hu , Xin Xia

MLFuzz, a work accepted at ACM FSE 2023, revisits the performance of a machine learning-based fuzzer, NEUZZ. We demonstrate that its main conclusion is entirely wrong due to several fatal bugs in the implementation and wrong evaluation…

Cryptography and Security · Computer Science 2024-09-10 Dongdong She , Kexin Pei , Junfeng Yang , Baishakhi Ray , Suman Jana

Fuzzing is a powerful software testing technique renowned for its effectiveness in identifying software vulnerabilities. Traditional fuzzing evaluations typically focus on overall fuzzer performance across a set of target programs, yet few…

Software Engineering · Computer Science 2025-06-19 Miao Miao

Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input values, is generally incapable of generating diverse inputs that…

Software Engineering · Computer Science 2017-12-13 Saahil Ognawala , Thomas Hutzelmann , Eirini Psallida , Alexander Pretschner

Fuzzing is a popular dynamic program analysis technique used to find vulnerabilities in complex software. Fuzzing involves presenting a target program with crafted malicious input designed to cause crashes, buffer overflows, memory errors,…

Software Engineering · Computer Science 2017-11-15 Mohit Rajpal , William Blum , Rishabh Singh

Recent research has sought to improve fuzzing performance via parallel computing. However, researchers focus on improving efficiency while ignoring the increasing cost of testing resources. Parallel fuzzing in the distributed environment…

Cryptography and Security · Computer Science 2022-11-16 Xu Zhou , Pengfei Wang , Chenyifan Liu , Tai Yue , Yingying Liu , Congxi Song , Kai Lu , Qidi Yin , Xu Han

Fuzzers and static analyzers find many bugs but struggle with logic bugs in mature codebases. Triggering such a bug often requires multi-step reasoning that produces no distinctive execution feedback, and variants can appear across…

Cryptography and Security · Computer Science 2026-05-12 Junyoung Park , Insu Yun

Fuzzing is a highly-scalable software testing technique that uncovers bugs in a target program by executing it with mutated inputs. Over the life of a fuzzing campaign, the fuzzer accumulates inputs inducing new and interesting target…

Cryptography and Security · Computer Science 2023-12-11 Simon Luo , Adrian Herrera , Paul Quirk , Michael Chase , Damith C. Ranasinghe , Salil S. Kanhere

Nowadays automated dynamic analysis frameworks for continuous testing are in high demand to ensure software safety and satisfy the security development lifecycle (SDL) requirements. The security bug hunting efficiency of cutting-edge hybrid…

Cryptography and Security · Computer Science 2023-03-24 Alexey Vishnyakov , Daniil Kuts , Vlada Logunova , Darya Parygina , Eli Kobrin , Georgy Savidov , Andrey Fedotov

Graph algorithms, such as shortest path finding, play a crucial role in enabling essential applications and services like infrastructure planning and navigation, making their correctness important. However, thoroughly testing graph…

Software Engineering · Computer Science 2025-02-24 Wenqi Yan , Manuel Rigger , Anthony Wirth , Van-Thuan Pham