English
Related papers

Related papers: Rare-Seed Generation for Fuzzing

200 papers

Seed scheduling, the order in which seeds are selected, can greatly affect the performance of a fuzzer. Existing approaches schedule seeds based on their historical mutation data, but ignore the structure of the underlying Control Flow…

Cryptography and Security · Computer Science 2022-03-25 Dongdong She , Abhishek Shah , Suman Jana

Prime path coverage is a powerful structural testing criterion, but generating all prime paths in a directed graph remains computationally challenging due to the potentially exponential number of them. Existing approaches typically rely on…

Software Engineering · Computer Science 2026-04-27 Jakub Zelek , Jakub Ruszil , Adam Roman , Artur Polański

Fuzzing is widely used for software vulnerability detection. There are various kinds of fuzzers with different fuzzing strategies, and most of them perform well on their targets. However, in industry practice and empirical study, the…

Software Engineering · Computer Science 2019-05-07 Yuanliang Chen , Yu Jiang , Fuchen Ma , Jie Liang , Mingzhe Wang , Chijin Zhou , Zhuo Su , Xun Jiao

We improve the performance of the American Fuzzy Lop (AFL) fuzz testing framework by using Generative Adversarial Network (GAN) models to reinitialize the system with novel seed files. We assess performance based on the temporal rate at…

Artificial Intelligence · Computer Science 2017-11-09 Nicole Nichols , Mark Raugas , Robert Jasper , Nathan Hilliard

Fuzzing is a highly-scalable software testing technique that uncovers bugs in a target program by executing it with mutated inputs. Over the life of a fuzzing campaign, the fuzzer accumulates inputs inducing new and interesting target…

Cryptography and Security · Computer Science 2023-12-11 Simon Luo , Adrian Herrera , Paul Quirk , Michael Chase , Damith C. Ranasinghe , Salil S. Kanhere

Mutation-based fuzzing typically uses an initial set of non-crashing seed inputs (a corpus) from which to generate new inputs by mutation. A corpus of potential seeds will often contain thousands of similar inputs. This lack of diversity…

Cryptography and Security · Computer Science 2020-09-22 Adrian Herrera , Hendra Gunadi , Liam Hayes , Shane Magrath , Felix Friedlander , Maggi Sebastian , Michael Norrish , Antony L. Hosking

Coverage-based graybox fuzzer (CGF), such as AFL has gained great success in vulnerability detection thanks to its ease-of-use and bug-finding power. Since some code fragments such as memory allocation are more vulnerable than others,…

Cryptography and Security · Computer Science 2021-03-02 Wenshuo Wang , Liang Cheng , Yang Zhang

Bounded model checking (BMC) and fuzzing techniques are among the most effective methods for detecting errors and security vulnerabilities in software. However, there are still shortcomings in detecting these errors due to the inability of…

Software Engineering · Computer Science 2024-04-19 Kaled M. Alshmrany , Mohannad Aldughaim , Ahmed Bhayat , Lucas C. Cordeiro

Fuzzing continues to be the most effective method for identifying security vulnerabilities in software. In the context of fuzz testing, the fuzzer supplies varied inputs to fuzz targets, which are designed to comprehensively exercise…

Software Engineering · Computer Science 2026-01-21 Chi Thien Tran

Greybox fuzzing has made impressive progress in recent years, evolving from heuristics-based random mutation to approaches for solving individual path constraints. However, they have difficulty solving path constraints that involve deeply…

Cryptography and Security · Computer Science 2019-10-10 Peng Chen , Jianzhong Liu , Hao Chen

Rust is a promising programming language that focuses on concurrency, usability, and security. It is used in production code by major industry players and got recommended by government bodies. Rust provides strong security guarantees…

Cryptography and Security · Computer Science 2025-05-06 David Paaßen , Jens-Rene Giesen , Lucas Davi

Estimating worst-case resource consumption is a critical task in software development. The worst-case analysis (WCA) problem is an optimization-based abstraction of this task. Fuzzing and symbolic execution are widely used techniques for…

Software Engineering · Computer Science 2025-07-15 Zimu Chen , Di Wang

Fuzzing is a security testing methodology effective in finding bugs. In a nutshell, a fuzzer sends multiple slightly malformed messages to the software under test, hoping for crashes or weird system behaviour. The methodology is relatively…

Cryptography and Security · Computer Science 2023-01-09 Cristian Daniele , Seyed Behnam Andarzian , Erik Poll

Hybrid testing approaches that involve fuzz testing and symbolic execution have shown promising results in achieving high code coverage, uncovering subtle errors and vulnerabilities in a variety of software applications. In this paper we…

Software Engineering · Computer Science 2018-06-11 Yannic Noller , Rody Kersten , Corina S. Păsăreanu

Seed explosion is a fundamental problem in fuzzing seed scheduling, where a fuzzer maintains a huge corpus and fails to choose promising seeds. Existing works focus on seed prioritization but still suffer from seed explosion since corpus…

Software Engineering · Computer Science 2026-02-27 Yuchong Xie , Kaikai Zhang , Yu Liu , Rundong Yang , Ping Chen , Shuai Wang , Dongdong She

Binary-only fuzzing often struggles with achieving thorough code coverage and uncovering hidden vulnerabilities due to limited insight into a program's internal dataflows. Traditional grey-box fuzzers guide test case generation primarily…

Software Engineering · Computer Science 2025-09-08 Kai Feng , Jeremy Singer , Angelos K Marnerides

As with any fuzzer, directing Generator-Based Fuzzers (GBF) to reach particular code targets can increase the fuzzer's effectiveness. In previous work, coverage-guided fuzzers used a mix of static analysis, taint analysis, and…

Software Engineering · Computer Science 2026-01-21 Soha Hussein , Stephen McCamant , Mike Whalen

Fuzzing has become the de facto standard technique for finding software vulnerabilities. However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger software bugs. Most popular fuzzers use evolutionary guidance…

Cryptography and Security · Computer Science 2019-07-16 Dongdong She , Kexin Pei , Dave Epstein , Junfeng Yang , Baishakhi Ray , Suman Jana

Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov…

Artificial Intelligence · Computer Science 2018-01-16 Konstantin Böttinger , Patrice Godefroid , Rishabh Singh

Software fuzzing mutates bytes in the test seeds to explore different behaviors of the program under test. Initial seeds can have great impact on the performance of a fuzzing campaign. Mutating a lot of uninteresting bytes in a large seed…

Software Engineering · Computer Science 2021-12-28 Aftab Hussain , Mohammad Amin Alipour