English
Related papers

Related papers: SNPSFuzzer: A Fast Greybox Fuzzer for Stateful Net…

200 papers

In recent years, fuzz testing has benefited from increased computational power and important algorithmic advances, leading to systems that have discovered many critical bugs and vulnerabilities in production software. Despite these…

Cryptography and Security · Computer Science 2022-05-31 Anastasios Andronidis , Cristian Cadar

Stateful Coverage-Based Greybox Fuzzing (SCGF) is considered the state-of-the-art method for network protocol greybox fuzzing. During the protocol fuzzing process, SCGF constructs the state machine of the target protocol by identifying…

Cryptography and Security · Computer Science 2024-08-14 Liu Yu , Shen Yanlong , Zhou Ying

Greybox protocol fuzzing is a random testing approach for stateful protocol implementations, where the input is protocol messages generated from mutations of seeds, and the search in the input space is driven by the feedback on coverage of…

Cryptography and Security · Computer Science 2026-02-26 Yu Wang , Yang Xiang , Chandra Thapa , Hajime Suzuki

Fuzzing network servers is a technical challenge, since the behavior of the target server depends on its state over a sequence of multiple messages. Existing solutions are costly and difficult to use, as they rely on manually-customized…

Cryptography and Security · Computer Science 2022-10-05 Roberto Natella

Many protocol implementations are reactive systems, where the protocol process is in continuous interaction with other processes and the environment. If a bug can be exposed only in a certain state, a fuzzer needs to provide a specific…

Cryptography and Security · Computer Science 2023-06-06 Jinsheng Ba , Marcel Böhme , Zahra Mirzamomen , Abhik Roychoudhury

Protocol implementations are stateful which makes them difficult to test: Sending the same test input message twice might yield a different response every time. Our proposal to consider a sequence of messages as a seed for coverage-directed…

Software Engineering · Computer Science 2025-04-30 Ruijie Meng , Van-Thuan Pham , Marcel Böhme , Abhik Roychoudhury

Greybox fuzzing is a proven and effective testing method for the detection of security vulnerabilities and other bugs in modern software systems. Greybox fuzzing can also be used in combination with a sanitizer, such as AddressSanitizer…

Cryptography and Security · Computer Science 2022-09-07 Jinsheng Ba , Gregory J. Duck , Abhik Roychoudhury

As one of the most successful and effective software testing techniques in recent years, fuzz testing has uncovered numerous bugs and vulnerabilities in modern software, including network protocol software. In contrast to other fuzzing…

Networking and Internet Architecture · Computer Science 2024-02-28 Shihao Jiang , Yu Zhang , Junqiang Li , Hongfang Yu , Long Luo , Gang Sun

Greybox fuzzing is a lightweight testing approach that effectively detects bugs and security vulnerabilities. However, greybox fuzzers randomly mutate program inputs to exercise new paths; this makes it challenging to cover code that is…

Cryptography and Security · Computer Science 2018-07-23 Valentin Wüstholz , Maria Christakis

Testing ultra-large microservices-based FinTech systems presents significant challenges, including restricted access to production environments, complex dependencies, and stringent security constraints. We propose SandBoxFuzz, a scalable…

Software Engineering · Computer Science 2025-04-29 Jiazhao Yu , Yanlun Tu , Zhanlei Zhang , Tiehua Zhang , Cheng Xu , Weigang Wu , Hong Jin Kang , Xi Zheng

Distributed SDN (Software-Defined Networking) controllers have rapidly become an integral element of Wide Area Networks (WAN), particularly within SD-WAN, providing scalability and fault-tolerance for expansive network infrastructures.…

Cryptography and Security · Computer Science 2025-10-20 Jinwoo Kim , Minjae Seo , Eduard Marin , Seungsoo Lee , Jaehyun Nam , Seungwon Shin

The proliferation of Internet of Things (IoT) devices has made people's lives more convenient, but it has also raised many security concerns. Due to the difficulty of obtaining and emulating IoT firmware, the black-box fuzzing of IoT…

Cryptography and Security · Computer Science 2021-05-24 Xiaotao Feng , Ruoxi Sun , Xiaogang Zhu , Minhui Xue , Sheng Wen , Dongxi Liu , Surya Nepal , Yang Xiang

Coverage-guided Greybox Fuzzing (CGF) is one of the most successful and widely-used techniques for bug hunting. Two major approaches are adopted to optimize CGF: (i) to reduce search space of inputs by inferring relationships between input…

Cryptography and Security · Computer Science 2022-01-13 Kunpeng Zhang , Xi Xiao , Xiaogang Zhu , Ruoxi Sun , Minhui Xue , Sheng Wen

Network applications are routinely under attack. We consider the problem of developing an effective and efficient fuzzer for the recently ratified QUIC network protocol to uncover security vulnerabilities. QUIC offers a unified transport…

Cryptography and Security · Computer Science 2025-03-26 Kian Kai Ang , Damith C. Ranasinghe

Coverage-guided fuzz testing ("fuzzing") has become mainstream and we have observed lots of progress in this research area recently. However, it is still challenging to efficiently test network services with existing coverage-guided fuzzing…

Cryptography and Security · Computer Science 2022-05-05 Sergej Schumilo , Cornelius Aschermann , Andrea Jemmett , Ali Abbasi , Thorsten Holz

Smart contracts are critical financial instruments, and their security is of utmost importance. However, smart contract programs are difficult to fuzz due to the persistent blockchain state behind all transactions. Mutating sequences of…

Cryptography and Security · Computer Science 2023-06-30 Chaofan Shou , Shangyin Tan , Koushik Sen

The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Unfortunately, bugs, misconfigurations,…

Networking and Internet Architecture · Computer Science 2020-12-08 Apoorv Shukla , Said Jawad Saidi , Stefan Schmid , Marco Canini , Thomas Zinner , Anja Feldmann

Fuzzing is a security testing methodology effective in finding bugs. In a nutshell, a fuzzer sends multiple slightly malformed messages to the software under test, hoping for crashes or weird system behaviour. The methodology is relatively…

Cryptography and Security · Computer Science 2023-01-09 Cristian Daniele , Seyed Behnam Andarzian , Erik Poll

Testing with randomly generated inputs (fuzzing) has gained significant traction due to its capacity to expose program vulnerabilities automatically. Fuzz testing campaigns generate large amounts of data, making them ideal for the…

Software Engineering · Computer Science 2023-09-29 Maria-Irina Nicolae , Max Eisele , Andreas Zeller

Grey-box fuzzers such as American Fuzzy Lop (AFL) are popular tools for finding bugs and potential vulnerabilities in programs. While these fuzzers have been able to find vulnerabilities in many widely used programs, they are not efficient;…

Artificial Intelligence · Computer Science 2018-11-26 Siddharth Karamcheti , Gideon Mann , David Rosenberg
‹ Prev 1 2 3 10 Next ›