English
Related papers

Related papers: Type-Centric Kotlin Compiler Fuzzing: Preserving T…

200 papers

Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov…

Artificial Intelligence · Computer Science 2018-01-16 Konstantin Böttinger , Patrice Godefroid , Rishabh Singh

Fuzz testing, or "fuzzing," refers to a widely deployed class of techniques for testing programs by generating a set of inputs for the express purpose of finding bugs and identifying security flaws. Grey-box fuzzing, the most popular…

Artificial Intelligence · Computer Science 2018-08-28 Siddharth Karamcheti , Gideon Mann , David Rosenberg

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past decade. After AFL popularized the groundbreaking concept of lightweight coverage feedback, the field of fuzzing has seen a vast amount of scientific…

The control logic models built by Simulink or Ptolemy have been widely used in industry scenes. It is an urgent need to ensure the safety and security of the control logic models. Test case generation technologies are widely used to ensure…

Software Engineering · Computer Science 2022-11-10 Yixiao Yang

Ensuring the security and reliability of machine learning frameworks is crucial for building trustworthy AI-based systems. Fuzzing, a popular technique in secure software development lifecycle (SSDLC), can be used to develop secure and…

Cryptography and Security · Computer Science 2024-12-24 Ilya Yegorov , Eli Kobrin , Darya Parygina , Alexey Vishnyakov , Andrey Fedotov

Securing operating system (OS) kernel is one central challenge in today's cyber security landscape. The cutting-edge testing technique of OS kernel is software fuzz testing. By mutating the program inputs with random variations for…

Cryptography and Security · Computer Science 2023-10-05 Wei Chen , Huaijin Wang , Weixi Gu , Shuai Wang

Fuzzing -- testing programs with random inputs -- has become the prime technique to detect bugs and vulnerabilities in programs. To generate inputs that cover new functionality, fuzzers require execution feedback from the program -- for…

Software Engineering · Computer Science 2020-12-29 Rahul Gopinath , Bachir Bendrissou , Björn Mathis , Andreas Zeller

Fuzzing has gained in popularity for software vulnerability detection by virtue of the tremendous effort to develop a diverse set of fuzzers. Thanks to various fuzzing techniques, most of the fuzzers have been able to demonstrate great…

Cryptography and Security · Computer Science 2023-02-28 Yu-Fu Fu , Jaehyuk Lee , Taesoo Kim

Fuzzing is an automated software testing technique broadly adopted by the industry. A popular variant is mutation-based fuzzing, which discovers a large number of bugs in practice. While the research community has studied mutation-based…

Software Engineering · Computer Science 2022-10-24 Patrick Jauernig , Domagoj Jakobovic , Stjepan Picek , Emmanuel Stapf , Ahmad-Reza Sadeghi

Security vulnerabilities play a vital role in network security system. Fuzzing technology is widely used as a vulnerability discovery technology to reduce damage in advance. However, traditional fuzzing techniques have many challenges, such…

Cryptography and Security · Computer Science 2020-08-20 Yan Wang , Peng Jia , Luping Liu , Jiayong Liu

This paper presents a coverage-guided grammar-based fuzzing technique for automatically generating a corpus of concise test inputs for programs such as compilers. We walk-through a case study of a compiler designed for education and the…

Software Engineering · Computer Science 2021-03-09 Vasudev Vikram , Rohan Padhye , Koushik Sen

Vulnerable software represents a tremendous threat to modern information systems. Vulnerabilities in widespread applications may be used to spread malware, steal money and conduct target attacks. To address this problem, developers and…

Cryptography and Security · Computer Science 2018-07-06 Maksim Shudrak , Vyacheslav Zolotarev

Guided fuzzing has, in recent years, been able to uncover many new vulnerabilities in real-world software due to its fast input mutation strategies guided by path-coverage. However, most fuzzers are unable to achieve high coverage in deeper…

Software Engineering · Computer Science 2019-10-14 Saahil Ognawala , Fabian Kilger , Alexander Pretschner

MLIR (Multi-Level Intermediate Representation) has rapidly become a foundational technology for modern compiler frameworks, enabling extensibility across diverse domains. However, ensuring the correctness and robustness of MLIR itself…

Software Engineering · Computer Science 2025-10-10 Zeyu Sun , Jingjing Liang , Weiyi Wang , Chenyao Suo , Junjie Chen , Fanjiang Xu

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

The Operating System (OS) kernel is foundational in modern computing, especially with the proliferation of diverse computing devices. However, its development also comes with vulnerabilities that can lead to severe security breaches. Kernel…

Cryptography and Security · Computer Science 2025-12-05 Jiacheng Xu , He Sun , Shihao Jiang , Qinying Wang , Mingming Zhang , Xiang Li , Kaiwen Shen , Peng Cheng , Jiming Chen , Charles Zhang , Shouling Ji

Coverage-guided fuzzers are powerful automated bug-finding tools. They mutate program inputs, observe coverage, and save any input that hits an unexplored path for future mutation. Unfortunately, without knowledge of input formats--for…

Cryptography and Security · Computer Science 2025-07-09 Harrison Green , Claire Le Goues , Fraser Brown

Security vulnerabilities in Internet-of-Things devices, mobile platforms, and autonomous systems remain critical. Traditional mutation-based fuzzers -- while effectively explore code paths -- primarily perform byte- or bit-level edits…

Software Engineering · Computer Science 2025-09-25 Mengdi Lu , Steven Ding , Furkan Alaca , Philippe Charland

Fuzzing is a highly effective method for uncovering software vulnerabilities, but analyzing the resulting data typically requires substantial manual effort. This is amplified by the fact that fuzzing campaigns often find a large number of…

Software Engineering · Computer Science 2025-12-02 Patrick Herter , Vincent Ahlrichs , Ridvan Açilan , Julian Horsch

Modern extensible compiler frameworks-such as MLIR-enable rapid creation of domain-specific language dialects. This flexibility, however, makes correctness harder to ensure as the same extensibility that accelerates development also…

Software Engineering · Computer Science 2025-12-08 Sairam Vaidya , Marcel Böhme , Loris D'Antoni