English
Related papers

Related papers: Same Coverage, Less Bloat: Accelerating Binary-onl…

200 papers

Fuzz testing, or fuzzing, has become one of the de facto standard techniques for bug finding in the software industry. In general, fuzzing provides various inputs to the target program to discover unhandled exceptions and crashes. In…

Software Engineering · Computer Science 2021-09-20 Yifan Wang , Yuchen Zhang , Chengbin Pang , Peng Li , Nikolaos Triandopoulos , Jun Xu

Fuzzing has emerged as a powerful technique for finding security bugs in complicated real-world applications. American fuzzy lop (AFL), a leading fuzzing tool, has demonstrated its powerful bug finding ability through a vast number of…

Cryptography and Security · Computer Science 2023-07-06 Tai D. Nguyen , Long H. Pham , Jun Sun

Verification is a critical process for ensuring the correctness of modern processors. The increasing complexity of processor designs and the emergence of new instruction set architectures (ISAs) like RISC-V have created demands for more…

Hardware Architecture · Computer Science 2026-02-04 Yang Zhong , Haoran Wu , Xueqi Li , Sa Wang , David Boland , Yungang Bao , Kan Shi

Software vulnerabilities are constantly being reported and exploited in software products, causing significant impacts on society. In recent years, the main approach to vulnerability detection, fuzzing, has been integrated into the…

Software Engineering · Computer Science 2025-10-21 Tatsuya Shirai , Olivier Nourry , Yutaro Kashiwa , Kenji Fujiwara , Yasutaka Kamei , Hajimu Iida

We present a coverage-guided testing algorithm for distributed systems implementations. Our main innovation is the use of an abstract formal model of the system that is used to define coverage. Such abstract models are frequently developed…

Software Engineering · Computer Science 2025-09-03 Ege Berkay Gulcan , Burcu Kulahcioglu Ozkan , Rupak Majumdar , Srinidhi Nagendra

Directed fuzzing is a useful testing technique that aims to efficiently reach target code sites in a program. The core of directed fuzzing is the guiding mechanism that directs the fuzzing to the specified target. A general guiding…

Cryptography and Security · Computer Science 2025-11-17 Weiheng Bai , Kefu Wu , Qiushi Wu , Kangjie Lu

Fuzz testing (or fuzzing) is an effective technique used to find security vulnerabilities. It consists of feeding a software under test with malformed inputs, waiting for a weird system behaviour (often a crash of the system). Over the…

Cryptography and Security · Computer Science 2023-03-14 Marcello Maugeri , Cristian Daniele , Giampaolo Bella , Erik Poll

Fuzzing is widely used for software vulnerability detection. There are various kinds of fuzzers with different fuzzing strategies, and most of them perform well on their targets. However, in industry practice and empirical study, the…

Software Engineering · Computer Science 2019-05-07 Yuanliang Chen , Yu Jiang , Fuchen Ma , Jie Liang , Mingzhe Wang , Chijin Zhou , Zhuo Su , Xun Jiao

Deep Learning (DL) libraries such as PyTorch provide the core components to build major AI-enabled applications. Finding bugs in these libraries is important and challenging. Prior approaches have tackled this by performing either API-level…

Software Engineering · Computer Science 2025-09-19 Feiran Qin , M. M. Abid Naziri , Hengyu Ai , Saikat Dutta , Marcelo d'Amorim

Context: Exhaustive fuzzing of modern JavaScript engines is infeasible due to the vast number of program states and execution paths. Coverage-guided fuzzers waste effort on low-risk inputs, often ignoring vulnerability-triggering ones that…

Software Engineering · Computer Science 2025-12-23 Kishan Kumar Ganguly , Tim Menzies

Fuzzing is a highly effective automated testing method for uncovering software vulnerabilities. Despite advances in fuzzing techniques, such as coverage-guided greybox fuzzing, many fuzzers struggle with coverage plateaus caused by fuzz…

Software Engineering · Computer Science 2025-10-07 Wentao Gao , Renata Borovica-Gajic , Sang Kil Cha , Tian Qiu , Van-Thuan Pham

As the complexity of modern processors has increased over the years, developing effective verification strategies to identify bugs prior to manufacturing has become critical. Undiscovered micro-architectural bugs in processors can manifest…

As an infrastructure for data persistence and analysis, Database Management Systems (DBMSs) are the cornerstones of modern enterprise software. To improve their correctness, the industry has been applying blackbox fuzzing for decades.…

Software Engineering · Computer Science 2021-03-02 Mingzhe Wang , Zhiyong Wu , Xinyi Xu , Jie Liang , Chijin Zhou , Huafeng Zhang , Yu Jiang

The control logic models built by Simulink or Ptolemy have been widely used in industry scenes. It is an urgent need to ensure the safety and security of the control logic models. Test case generation technologies are widely used to ensure…

Software Engineering · Computer Science 2022-11-10 Yixiao Yang

Hardware Fuzzing emerged as one of the crucial techniques for finding security flaws in modern hardware designs by testing a wide range of input scenarios. One of the main challenges is creating high-quality input seeds that maximize…

Cryptography and Security · Computer Science 2026-01-27 Raghul Saravanan , Sudipta Paria , Aritra Dasgupta , Swarup Bhunia , Sai Manoj P D

A common paradigm for improving fuzzing performance is to focus on selected regions of a program rather than its entirety. While previous work has largely explored how these locations can be reached, their selection, that is, the where, has…

GPUs play an increasingly important role in modern software. However, the heterogeneous host-device execution model and expanding software stacks make GPU programs prone to memory-safety and concurrency bugs that evade static analysis.…

Cryptography and Security · Computer Science 2026-03-16 Mohamed Tarek Ibn ziad , Christos Kozyrakis

While fuzzing is widely accepted as an efficient program testing technique, it is still unclear how to measure the comparative quality of different fuzzers. The current de facto quality metrics are edge coverage and the number of discovered…

Software Engineering · Computer Science 2024-09-24 Gwangmu Lee

Code reuse in software development frequently facilitates the spread of vulnerabilities, making the scope of affected software in CVE reports imprecise. Traditional methods primarily focus on identifying reused vulnerability code within…

Software Engineering · Computer Science 2024-11-28 Siyuan Li , Yuekang Li , Zuxin Chen , Chaopeng Dong , Yongpan Wang , Hong Li , Yongle Chen , Hongsong Zhu

Fuzzing has become the de facto standard technique for finding software vulnerabilities. However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger software bugs. Most popular fuzzers use evolutionary guidance…

Cryptography and Security · Computer Science 2019-07-16 Dongdong She , Kexin Pei , Dave Epstein , Junfeng Yang , Baishakhi Ray , Suman Jana