English
Related papers

Related papers: FormatFuzzer: Effective Fuzzing of Binary File For…

200 papers

Despite the fact that the state-of-the-art fuzzers can generate inputs efficiently, existing fuzz drivers still cannot adequately cover entries in libraries. Most of these fuzz drivers are crafted manually by developers, and their quality…

Cryptography and Security · Computer Science 2023-09-08 Peng Chen , Yuxuan Xie , Yunlong Lyu , Yuxiao Wang , Hao Chen

We propose a tool, called FuzzingDriver, to generate dictionary tokens for coverage-based greybox fuzzers (CGF) from the codebase of any target program. FuzzingDriver does not add any overhead to the fuzzing job as it is run beforehand. We…

Cryptography and Security · Computer Science 2022-01-14 Arash Ale Ebrahim , Mohammadreza Hazhirpasand , Oscar Nierstrasz , Mohammad Ghafari

Compiler technologies in deep learning and domain-specific hardware acceleration are increasingly adopting extensible compiler frameworks such as Multi-Level Intermediate Representation (MLIR) to facilitate more efficient development. With…

Software Engineering · Computer Science 2024-08-28 Ben Limpanukorn , Jiyuan Wang , Hong Jin Kang , Eric Zitong Zhou , Miryung Kim

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of…

Cryptography and Security · Computer Science 2017-06-02 Bhargava Shastry , Federico Maggi , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Directed greybox fuzzing is a popular technique for targeted software testing that seeks to find inputs that reach a set of target sites in a program. Most existing directed greybox fuzzers do not provide any theoretical analysis of their…

Cryptography and Security · Computer Science 2022-09-02 Abhishek Shah , Dongdong She , Samanway Sadhu , Krish Singal , Peter Coffman , Suman Jana

Crafting high-quality fuzz drivers not only is time-consuming but also requires a deep understanding of the library. However, the state-of-the-art automatic fuzz driver generation techniques fall short of expectations. While fuzz drivers…

Cryptography and Security · Computer Science 2024-05-30 Yunlong Lyu , Yuxuan Xie , Peng Chen , Hao Chen

Recent research has shown that hardware fuzzers can effectively detect security vulnerabilities in modern processors. However, existing hardware fuzzers do not fuzz well the hard-to-reach design spaces. Consequently, these fuzzers cannot…

Cryptography and Security · Computer Science 2023-06-27 Chen Chen , Rahul Kande , Nathan Nguyen , Flemming Andersen , Aakash Tyagi , Ahmad-Reza Sadeghi , Jeyavijayan Rajendran

Exponential growth in embedded systems is driving the research imperative to develop fuzzers to automate firmware testing to uncover software bugs and security vulnerabilities. But, employing fuzzing techniques in this context present a…

Cryptography and Security · Computer Science 2023-01-18 Guy Farrelly , Michael Chesser , Damith C. Ranasinghe

We consider gray-box fuzzing of a program instrumented such that information about evaluation of program expressions converting values of numerical types to Boolean, like x <= y, is recorded during each program's execution. Given that…

Programming Languages · Computer Science 2025-01-31 Martin Jonáš , Jan Strejček , Marek Trtík

Emulation-based fuzzers enable testing binaries without source code, and facilitate testing embedded applications where automated execution on the target hardware architecture is difficult and slow. The instrumentation techniques added to…

Cryptography and Security · Computer Science 2023-06-22 Michael Chesser , Surya Nepal , Damith C. Ranasinghe

This paper presents a coverage-guided grammar-based fuzzing technique for automatically generating a corpus of concise test inputs for programs such as compilers. We walk-through a case study of a compiler designed for education and the…

Software Engineering · Computer Science 2021-03-09 Vasudev Vikram , Rohan Padhye , Koushik Sen

Coverage-guided fuzzing has been widely applied to address zero-day vulnerabilities in general-purpose software and operating systems. This approach relies on instrumenting the target code at compile time. However, applying it to industrial…

Cryptography and Security · Computer Science 2026-05-12 Carmine Cesarano , Roberto Natella

Mutation testing can help minimize the delivery of faulty software. Therefore, it is a recommended practice for developing embedded software in safety-critical cyber-physical systems (CPS). However, state-of-the-art mutation testing…

Software Engineering · Computer Science 2025-07-04 Jaekwon Lee , Fabrizio Pastore , Lionel Briand

In mutation-based greybox fuzzing, generating high-quality input seeds for the initial corpus is essential for effective fuzzing. Rather than conducting separate phases for generating a large corpus and subsequently minimizing it, we…

Software Engineering · Computer Science 2025-12-29 Hridya Dhulipala , Xiaokai Rong , Aashish Yadavally , Tien N. Nguyen

Despite its long-standing popularity and fundamental role in an operating system, the Unix shell has rarely been a subject of academic research. In particular, regardless of the significant progress in compiler testing, there has been…

Software Engineering · Computer Science 2024-08-02 Riccardo Felici , Laura Pozzi , Carlo A. Furia

Large language models (LLMs) have recently experienced tremendous popularity and are widely used from casual conversations to AI-driven programming. However, despite their considerable success, LLMs are not entirely reliable and can give…

Artificial Intelligence · Computer Science 2024-06-28 Jiahao Yu , Xingwei Lin , Zheng Yu , Xinyu Xing

Coverage-based graybox fuzzer (CGF), such as AFL has gained great success in vulnerability detection thanks to its ease-of-use and bug-finding power. Since some code fragments such as memory allocation are more vulnerable than others,…

Cryptography and Security · Computer Science 2021-03-02 Wenshuo Wang , Liang Cheng , Yang Zhang

FuzzPilot is a controller for AFL++ that moves expensive reasoning out of the mutation hot path. When coverage plateaus, it snapshots the corpus, prepares candidate mutation recipes, evaluates them in short isolated AFL++ micro-campaigns,…

Software Engineering · Computer Science 2026-05-27 Zhiyi Yao

Fuzz Testing techniques are the state of the art in software testing for security issues nowadays. Their great effectiveness attracted the attention of researchers and hackers and involved them in developing a lot of new techniques to…

Cryptography and Security · Computer Science 2021-02-09 Andrea Fioraldi , Luigi Paolo Pileggi