English
Related papers

Related papers: FishFuzz: Throwing Larger Nets to Catch Deeper Bug…

200 papers

In this work, we set out to conduct the first ground-truth empirical evaluation of state-of-the-art DL fuzzers. Specifically, we first manually created an extensive DL bug benchmark dataset, which includes 627 real-world DL bugs from…

Software Engineering · Computer Science 2023-10-12 Nima Shiri Harzevili , Hung Viet Pham , Song Wang

Binary-only fuzzing often struggles with achieving thorough code coverage and uncovering hidden vulnerabilities due to limited insight into a program's internal dataflows. Traditional grey-box fuzzers guide test case generation primarily…

Software Engineering · Computer Science 2025-09-08 Kai Feng , Jeremy Singer , Angelos K Marnerides

Grey-box fuzzers such as American Fuzzy Lop (AFL) are popular tools for finding bugs and potential vulnerabilities in programs. While these fuzzers have been able to find vulnerabilities in many widely used programs, they are not efficient;…

Artificial Intelligence · Computer Science 2018-11-26 Siddharth Karamcheti , Gideon Mann , David Rosenberg

A greybox fuzzer is an automated software testing tool that generates new test inputs by applying randomly chosen mutators (e.g., flipping a bit or deleting a block of bytes) to a seed input in random order and adds all coverage-increasing…

Software Engineering · Computer Science 2026-04-24 Konstantinos Kitsios , Marcel Böhme , Alberto Bacchelli

Generation-based fuzzing produces appropriate test cases according to specifications of input grammars and semantic constraints to test systems and software. However, these specifications require significant manual effort to construct. This…

Cryptography and Security · Computer Science 2025-08-13 Chuyang Chen , Brendan Dolan-Gavitt , Zhiqiang Lin

We present a coverage-guided testing algorithm for distributed systems implementations. Our main innovation is the use of an abstract formal model of the system that is used to define coverage. Such abstract models are frequently developed…

Software Engineering · Computer Science 2025-09-03 Ege Berkay Gulcan , Burcu Kulahcioglu Ozkan , Rupak Majumdar , Srinidhi Nagendra

Deep learning (DL) systems can make our life much easier, and thus are gaining more and more attention from both academia and industry. Meanwhile, bugs in DL systems can be disastrous, and can even threaten human lives in safety-critical…

Software Engineering · Computer Science 2022-03-01 Anjiang Wei , Yinlin Deng , Chenyuan Yang , Lingming Zhang

Many protocol implementations are reactive systems, where the protocol process is in continuous interaction with other processes and the environment. If a bug can be exposed only in a certain state, a fuzzer needs to provide a specific…

Cryptography and Security · Computer Science 2023-06-06 Jinsheng Ba , Marcel Böhme , Zahra Mirzamomen , Abhik Roychoudhury

Dynamic data flow analysis has been widely used to guide greybox fuzzing. However, traditional dynamic data flow analysis tends to go astray in the massive path tracking and requires to process a large volume of data, resulting in low…

Cryptography and Security · Computer Science 2023-03-28 Xiaofan Li , Xuan Li , Guangfa Lv , Yongzheng Zhang , Fengyu Wang

Grey-box fuzzing is the lightweight approach of choice for finding bugs in sequential programs. It provides a balance between efficiency and effectiveness by conducting a biased random search over the domain of program inputs using a…

Software Engineering · Computer Science 2023-08-15 Ruijie Meng , George Pîrlea , Abhik Roychoudhury , Ilya Sergey

GPUs play an increasingly important role in modern software. However, the heterogeneous host-device execution model and expanding software stacks make GPU programs prone to memory-safety and concurrency bugs that evade static analysis.…

Cryptography and Security · Computer Science 2026-03-16 Mohamed Tarek Ibn ziad , Christos Kozyrakis

Coverage-guided gray-box fuzzing (CGF) is an efficient software testing technique. There are usually multiple objectives to optimize in CGF. However, existing CGF methods cannot successfully find the optimal values for multiple objectives…

Cryptography and Security · Computer Science 2024-01-31 Gen Zhang , Pengfei Wang , Tai Yue , Xiangdong Kong , Shan Huang , Xu Zhou , Kai Lu

In company with the data explosion over the past decade, deep neural network (DNN) based software has experienced unprecedented leap and is becoming the key driving force of many novel industrial applications, including many safety-critical…

Software Engineering · Computer Science 2018-11-19 Xiaofei Xie , Lei Ma , Felix Juefei-Xu , Hongxu Chen , Minhui Xue , Bo Li , Yang Liu , Jianjun Zhao , Jianxiong Yin , Simon See

Testing ultra-large microservices-based FinTech systems presents significant challenges, including restricted access to production environments, complex dependencies, and stringent security constraints. We propose SandBoxFuzz, a scalable…

Software Engineering · Computer Science 2025-04-29 Jiazhao Yu , Yanlun Tu , Zhanlei Zhang , Tiehua Zhang , Cheng Xu , Weigang Wu , Hong Jin Kang , Xi Zheng

Ensuring the correctness of compiler optimizations is critical, but existing fuzzers struggle to test optimizations effectively. First, most fuzzers use optimization pipelines (heuristics-based, fixed sequences of passes) as their harness.…

Software Engineering · Computer Science 2025-12-05 Zitong Zhou , Ben Limpanukorn , Hong Jin Kang , Jiyuan Wang , Yaoxuan Wu , Akos Kiss , Renata Hodovan , Miryung Kim

Directed fuzzing performs best for targeted program testing via estimating the impact of each input in reaching predefined program points. But due to insufficient analysis of the program structure and lack of flexibility and configurability…

Cryptography and Security · Computer Science 2025-07-08 Darya Parygina , Timofey Mezhuev , Daniil Kuts

As blockchain smart contracts become more widespread and carry more valuable digital assets, they become an increasingly attractive target for attackers. Over the past few years, smart contracts have been subject to a plethora of…

Cryptography and Security · Computer Science 2023-12-12 Peng Qian , Hanjie Wu , Zeren Du , Turan Vural , Dazhong Rong , Zheng Cao , Lun Zhang , Yanbin Wang , Jianhai Chen , Qinming He

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

Fuzzing has become a widely adopted technique for vulnerability discovery, yet it remains ineffective for structured-input programs due to strict syntactic constraints and limited semantic awareness. Traditional greybox fuzzers rely on…

Cryptography and Security · Computer Science 2026-04-21 Yihao Zou , Tianming Zheng , Futai Zou , Yue Wu

Graph algorithms, such as shortest path finding, play a crucial role in enabling essential applications and services like infrastructure planning and navigation, making their correctness important. However, thoroughly testing graph…

Software Engineering · Computer Science 2025-02-24 Wenqi Yan , Manuel Rigger , Anthony Wirth , Van-Thuan Pham