English
Related papers

Related papers: FuzzingDriver: the Missing Dictionary to Increase …

200 papers

Despite the fact that the state-of-the-art fuzzers can generate inputs efficiently, existing fuzz drivers still cannot adequately cover entries in libraries. Most of these fuzz drivers are crafted manually by developers, and their quality…

Cryptography and Security · Computer Science 2023-09-08 Peng Chen , Yuxuan Xie , Yunlong Lyu , Yuxiao Wang , Hao Chen

A fundamental problem in cybersecurity and computer science is determining whether a program is free of bugs and vulnerabilities. Fuzzing, a popular approach to discovering vulnerabilities in programs, has several advantages over…

Cryptography and Security · Computer Science 2026-01-27 Ian Hardgrove , John D. Hastings

Fuzzing is a technique widely used in vulnerability detection. The process usually involves writing effective fuzz driver programs, which, when done manually, can be extremely labor intensive. Previous attempts at automation leave much to…

Software Engineering · Computer Science 2021-03-02 Mingrui Zhang , Jianzhong Liu , Fuchen Ma , Huafeng Zhang , Yu Jiang

Fuzzing has gained in popularity for software vulnerability detection by virtue of the tremendous effort to develop a diverse set of fuzzers. Thanks to various fuzzing techniques, most of the fuzzers have been able to demonstrate great…

Cryptography and Security · Computer Science 2023-02-28 Yu-Fu Fu , Jaehyuk Lee , Taesoo Kim

Coverage guided fuzzing (CGF) is an effective testing technique which has detected hundreds of thousands of bugs from various software applications. It focuses on maximizing code coverage to reveal more bugs during fuzzing. However, a…

Software Engineering · Computer Science 2022-05-03 Ruixiang Qian , Quanjun Zhang , Chunrong Fang , Lihua Guo

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

Many assisting exploration strategies have been proposed to assist grey-box fuzzers in exploring program states guarded by tight and complex branch conditions such as equality constraints. Although they have shown promising results in their…

Software Engineering · Computer Science 2024-09-25 Mingyuan Wu , Jiahong Xiang , Kunqiu Chen , Peng DI , Shin Hwei Tan , Heming Cui , Yuqun Zhang

Fuzzing consists of repeatedly testing an application with modified, or fuzzed, inputs with the goal of finding security vulnerabilities in input-parsing code. In this paper, we show how to automate the generation of an input grammar…

Artificial Intelligence · Computer Science 2017-01-26 Patrice Godefroid , Hila Peleg , Rishabh Singh

Coverage-guided fuzzing has been widely applied to address zero-day vulnerabilities in general-purpose software and operating systems. This approach relies on instrumenting the target code at compile time. However, applying it to industrial…

Cryptography and Security · Computer Science 2026-05-12 Carmine Cesarano , Roberto Natella

Of coverage-guided fuzzing's three main components: (1) testcase generation, (2) code coverage tracing, and (3) crash triage, code coverage tracing is a dominant source of overhead. Coverage-guided fuzzers trace every testcase's code…

Cryptography and Security · Computer Science 2019-01-30 Stefan Nagy , Matthew Hicks

Context: Exhaustive fuzzing of modern JavaScript engines is infeasible due to the vast number of program states and execution paths. Coverage-guided fuzzers waste effort on low-risk inputs, often ignoring vulnerability-triggering ones that…

Software Engineering · Computer Science 2025-12-23 Kishan Kumar Ganguly , Tim Menzies

Fuzzing is a promising technique for detecting security vulnerabilities. Newly developed fuzzers are typically evaluated in terms of the number of bugs found on vulnerable programs/binaries. However,existing corpora usually do not capture…

Software Engineering · Computer Science 2019-05-07 Xiaogang Zhu , Xiaotao Feng , Tengyun Jiao , Sheng Wen , Yang Xiang , Seyit Camtepe , Jingling Xue

Gray-box fuzzing is widely used for testing embedded systems (ESes). State-of-the-art (SOTA) gray-box fuzzers test ES firmware in fully emulated environments without real peripherals. They emulate missing peripherals to achieve decent code…

Cryptography and Security · Computer Science 2025-04-21 Wei-Lun Huang , Kang G. Shin

Grey-box fuzzers such as American Fuzzy Lop (AFL) are popular tools for finding bugs and potential vulnerabilities in programs. While these fuzzers have been able to find vulnerabilities in many widely used programs, they are not efficient;…

Artificial Intelligence · Computer Science 2018-11-26 Siddharth Karamcheti , Gideon Mann , David Rosenberg

Modern extensible compiler frameworks-such as MLIR-enable rapid creation of domain-specific language dialects. This flexibility, however, makes correctness harder to ensure as the same extensibility that accelerates development also…

Software Engineering · Computer Science 2025-12-08 Sairam Vaidya , Marcel Böhme , Loris D'Antoni

Fuzzing is one of the most effective technique to identify potential software vulnerabilities. Most of the fuzzers aim to improve the code coverage, and there is lack of directedness (e.g., fuzz the specified path in a software). In this…

Cryptography and Security · Computer Science 2020-10-26 Xiaogang Zhu , Shigang Liu , Xian Li , Sheng Wen , Jun Zhang , Camtepe Seyit , Yang Xiang

Coverage-based graybox fuzzer (CGF), such as AFL has gained great success in vulnerability detection thanks to its ease-of-use and bug-finding power. Since some code fragments such as memory allocation are more vulnerable than others,…

Cryptography and Security · Computer Science 2021-03-02 Wenshuo Wang , Liang Cheng , Yang Zhang

As the complexity of logic designs increase, new avenues for testing digital hardware becomes necessary. Fuzz Testing (fuzzing) has recently received attention as a potential candidate for input vector generation on hardware designs. Using…

Hardware Architecture · Computer Science 2023-12-12 Ruochen Dai , Michael Lee , Patrick Hoey , Weimin Fu , Tuba Yavuz , Xiaolong Guo , Shuo Wang , Dean Sullivan , Orlando Arias

Robustness is a key concern for Rust library development because Rust promises no risks of undefined behaviors if developers use safe APIs only. Fuzzing is a practical approach for examining the robustness of programs. However, existing…

Software Engineering · Computer Science 2021-10-25 Jianfeng Jiang , Hui Xu , Yangfan Zhou

In vulnerability detection, machine learning has been used as an effective static analysis technique, although it suffers from a significant rate of false positives. Contextually, in vulnerability discovery, fuzzing has been used as an…

Cryptography and Security · Computer Science 2025-05-05 Gianpietro Castiglione , Marcello Maugeri , Giampaolo Bella