English
Related papers

Related papers: Efficient Greybox Fuzzing to Detect Memory Errors

200 papers

Ever-increasing design complexity of System-on-Chips (SoCs) led to significant verification challenges. Unlike software, bugs in hardware design are vigorous and eternal i.e., once the hardware is fabricated, it cannot be repaired with any…

Hardware Architecture · Computer Science 2025-12-11 Deepak Narayan Gadde , Aman Kumar , Djones Lettnin , Sebastian Simon

In recent years, fuzzing has been widely applied not only to application software but also to system software, including the Linux kernel and firmware, and has become a powerful technique for vulnerability discovery. Among these approaches,…

Cryptography and Security · Computer Science 2026-03-27 Masami Ichikawa

Grey-box fuzzers such as American Fuzzy Lop (AFL) are popular tools for finding bugs and potential vulnerabilities in programs. While these fuzzers have been able to find vulnerabilities in many widely used programs, they are not efficient;…

Artificial Intelligence · Computer Science 2018-11-26 Siddharth Karamcheti , Gideon Mann , David Rosenberg

This paper presents a novel fuzzing framework, called MicroFuzz, specifically designed for Microservices. Mocking-Assisted Seed Execution, Distributed Tracing, Seed Refresh and Pipeline Parallelism approaches are adopted to address the…

Software Engineering · Computer Science 2024-02-06 Peng Di , Bingchang Liu , Yiyi Gao

Grey box fuzzing is one of the most successful methods for automatic vulnerability detection. However,conventional Grey box Fuzzers like AFL can open perform fuzzing against the whole input and spend more time on smaller seeds with lower…

Cryptography and Security · Computer Science 2022-03-31 Linlin Zhang , Ning Luo

Sanitizers can detect security vulnerabilities in C/C++ code that elude static analysis. Current practice is to continuously fuzz and sanitize internal pre-release builds. Sanitization-enabled builds are rarely released publicly. This is in…

Cryptography and Security · Computer Science 2018-05-16 Julian Lettner , Dokyung Song , Taemin Park , Stijn Volckaert , Per Larsen , Michael Franz

Fuzzing has become the de facto standard technique for finding software vulnerabilities. However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger software bugs. Most popular fuzzers use evolutionary guidance…

Cryptography and Security · Computer Science 2019-07-16 Dongdong She , Kexin Pei , Dave Epstein , Junfeng Yang , Baishakhi Ray , Suman Jana

Fuzzing technologies have evolved at a fast pace in recent years, revealing bugs in programs with ever increasing depth and speed. Applications working with complex formats are however more difficult to take on, as inputs need to meet…

Cryptography and Security · Computer Science 2020-08-13 Andrea Fioraldi , Daniele Cono D'Elia , Emilio Coppa

In recent years, there has been a notable surge in attention towards hardware security, driven by the increasing complexity and integration of processors, SoCs, and third-party IPs aimed at delivering advanced solutions. However, this…

Cryptography and Security · Computer Science 2024-03-20 Raghul Saravanan , Sai Manoj Pudukotai Dinakarrao

Software vulnerabilities are constantly being reported and exploited in software products, causing significant impacts on society. In recent years, the main approach to vulnerability detection, fuzzing, has been integrated into the…

Software Engineering · Computer Science 2025-10-21 Tatsuya Shirai , Olivier Nourry , Yutaro Kashiwa , Kenji Fujiwara , Yasutaka Kamei , Hajimu Iida

Timing vulnerabilities in processors have emerged as a potent threat. As processors are the foundation of any computing system, identifying these flaws is imperative. Recently fuzzing techniques, traditionally used for detecting software…

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

Fuzzing has become a popular technique for automatically detecting vulnerabilities and bugs by generating unexpected inputs. In recent years, the fuzzing process has been integrated into continuous integration workflows (i.e., continuous…

Software Engineering · Computer Science 2026-02-06 Tatsuya Shirai , Olivier Nourry , Yutaro Kashiwa , Kenji Fujiwara , Hajimu Iida

Hardware-level memory vulnerabilities severely threaten computing systems. However, hardware patching is inefficient or difficult postfabrication. We investigate the effectiveness of hardware fuzzing in detecting hardware memory…

Cryptography and Security · Computer Science 2024-10-31 Mohamadreza Rostami , Chen Chen , Rahul Kande , Huimin Li , Jeyavijayan Rajendran , Ahmad-Reza Sadeghi

Fuzzing has gained in popularity for software vulnerability detection by virtue of the tremendous effort to develop a diverse set of fuzzers. Thanks to various fuzzing techniques, most of the fuzzers have been able to demonstrate great…

Cryptography and Security · Computer Science 2023-02-28 Yu-Fu Fu , Jaehyuk Lee , Taesoo Kim

GPUs play an increasingly important role in modern software. However, the heterogeneous host-device execution model and expanding software stacks make GPU programs prone to memory-safety and concurrency bugs that evade static analysis.…

Cryptography and Security · Computer Science 2026-03-16 Mohamed Tarek Ibn ziad , Christos Kozyrakis

Information leakage is a class of error that can lead to severe consequences. However unlike other errors, it is rarely explicitly considered during the software testing process. LeakFuzzer advances the state of the art by using a…

Software Engineering · Computer Science 2025-01-27 Daniel Blackwell , Ingolf Becker , David Clark

The increasing complexity of modern processor and IP designs presents significant challenges in identifying and mitigating hardware flaws early in the IC design cycle. Traditional hardware fuzzing techniques, inspired by software testing,…

Cryptography and Security · Computer Science 2025-01-03 Raghul Saravanan , Sreenitha Kasarapu , Sai Manoj Pudukotai Dinakarrao

Coverage-guided Greybox Fuzzing (CGF) is one of the most successful and widely-used techniques for bug hunting. Two major approaches are adopted to optimize CGF: (i) to reduce search space of inputs by inferring relationships between input…

Cryptography and Security · Computer Science 2022-01-13 Kunpeng Zhang , Xi Xiao , Xiaogang Zhu , Ruoxi Sun , Minhui Xue , Sheng Wen

Softwarization and virtualization in 5G and beyond necessitate thorough testing to ensure the security of critical infrastructure and networks, requiring the identification of vulnerabilities and unintended emergent behaviors from protocol…

Cryptography and Security · Computer Science 2023-07-24 Jingda Yang , Sudhanshu Arya , Ying Wang