English
Related papers

Related papers: Fuzz4All: Universal Fuzzing with Large Language Mo…

200 papers

Fuzzing is an effective bug-finding technique but it struggles with complex systems like JavaScript engines that demand precise grammatical input. Recently, researchers have adopted language models for context-aware mutation in fuzzing to…

Cryptography and Security · Computer Science 2024-02-20 Jueon Eom , Seyeon Jeong , Taekyoung Kwon

Jailbreaking large-language models (LLMs) involves testing their robustness against adversarial prompts and evaluating their ability to withstand prompt attacks that could elicit unauthorized or malicious responses. In this paper, we…

Cryptography and Security · Computer Science 2025-06-06 Aman Goel , Xian Carrie Wu , Zhe Wang , Dmitriy Bespalov , Yanjun Qi

Fuzz testing to find semantic control vulnerabilities is an essential activity to evaluate the robustness of autonomous driving (AD) software. Whilst there is a preponderance of disparate fuzzing tools that target different parts of the…

Cryptography and Security · Computer Science 2025-04-16 Andrew Roberts , Lorenz Teply , Mert D. Pese , Olaf Maennel , Mohammad Hamad , Sebastian Steinhorst

Bugs in operating system kernels can affect billions of devices and users all over the world. As a result, a large body of research has been focused on kernel fuzzing, i.e., automatically generating syscall (system call) sequences to detect…

Cryptography and Security · Computer Science 2025-03-17 Chenyuan Yang , Zijie Zhao , Lingming Zhang

Fuzzing has emerged as a powerful technique for finding security bugs in complicated real-world applications. American fuzzy lop (AFL), a leading fuzzing tool, has demonstrated its powerful bug finding ability through a vast number of…

Cryptography and Security · Computer Science 2023-07-06 Tai D. Nguyen , Long H. Pham , Jun Sun

Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I…

Cryptography and Security · Computer Science 2025-11-07 Shiyin Lin

Modern software often accepts inputs with highly complex grammars. Recent advances in large language models (LLMs) have shown that they can be used to synthesize high-quality natural language text and code that conforms to the grammar of a…

Software Engineering · Computer Science 2025-02-03 Kunpeng Zhang , Zongjie Li , Daoyuan Wu , Shuai Wang , Xin Xia

BusyBox, an open-source software bundling over 300 essential Linux commands into a single executable, is ubiquitous in Linux-based embedded devices. Vulnerabilities in BusyBox can have far-reaching consequences, affecting a wide array of…

Software Engineering · Computer Science 2025-03-26 Asmita , Yaroslav Oliinyk , Michael Scott , Ryan Tsang , Chongzhou Fang , Houman Homayoun

The Language Server Protocol (LSP) has revolutionized the integration of code intelligence in modern software development. There are approximately 300 LSP server implementations for various languages and 50 editors offering LSP integration.…

Software Engineering · Computer Science 2026-01-29 Hengcheng Zhu , Songqiang Chen , Valerio Terragni , Lili Wei , Yepang Liu , Jiarong Wu , Shing-Chi Cheung

Compilers constitute the foundational root-of-trust in software supply chains; however, their immense complexity inevitably conceals critical defects. Recent research has attempted to leverage historical bugs to design new mutation…

Software Engineering · Computer Science 2026-01-28 Xingbang He , Yuanwei Chen , Hao Wu , Jikang Zhang , Zicheng Wang , Ligeng Chen , Junjie Peng , Haiyang Wei , Yi Qian , Tiantai Zhang , Linzhang Wang , Bing Mao

Fuzzing is utilized for testing software and systems for cybersecurity risk via the automated adaptation of inputs. It facilitates the identification of software bugs and misconfigurations that may create vulnerabilities, cause abnormal…

Cryptography and Security · Computer Science 2023-06-08 Jack Hance , Jeremy Straub

Deep Learning (DL) frameworks have served as fundamental components in DL systems over the last decade. However, bugs in DL frameworks could lead to catastrophic consequences in critical scenarios. A simple yet effective way to find bugs in…

Software Engineering · Computer Science 2026-01-21 Shaoyu Yang , Chunrong Fang , Haifeng Lin , Xiang Chen , Jia Liu , Zhenyu Chen

Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models (LLMs) show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated…

Cryptography and Security · Computer Science 2026-05-22 Ze Sheng , Zhicheng Chen , Qingxiao Xu , Kewen Zhu , Jeff Huang

Fuzzing is one of the key techniques for evaluating the robustness of programs against attacks. Fuzzing has to be effective in producing inputs that cover functionality and find vulnerabilities. But it also has to be efficient in producing…

Software Engineering · Computer Science 2019-11-19 Rahul Gopinath , Andreas Zeller

Fuzz testing effectively uncovers software vulnerabilities; however, it faces challenges with Autonomous Systems (AS) due to their vast search spaces and complex state spaces, which reflect the unpredictability and complexity of real-world…

Software Engineering · Computer Science 2024-12-30 Taohong Zhu , Adrians Skapars , Fardeen Mackenzie , Declan Kehoe , William Newton , Suzanne Embury , Youcheng Sun

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

Fuzzing is highly effective in detecting bugs due to the key contribution of randomness. However, randomness significantly reduces the efficiency of fuzzing, causing it to cost days or weeks to expose bugs. Even though directed fuzzing…

Software Engineering · Computer Science 2025-07-31 Xiaotao Feng , Xiaogang Zhu , Kun Hu , Jincheng Wang , Yingjie Cao , Guang Gong , Jianfeng Pan

Large Language Models (LLMs) are widely used for code generation, but they face critical security risks when applied to practical production due to package hallucinations, in which LLMs recommend non-existent packages. These hallucinations…

Software Engineering · Computer Science 2025-10-07 Yukai Zhao , Menghan Wu , Xing Hu , Xin Xia

Internet of Things (IoT) devices offer convenience through web interfaces, web VPNs, and other web-based services, all relying on the HTTP protocol. However, these externally exposed HTTP services resent significant security risks. Although…

Cryptography and Security · Computer Science 2024-11-20 Zhe Yang , Hao Peng , Yanling Jiang , Xingwei Li , Haohua Du , Shuhai Wang , Jianwei Liu

Semantic understanding of programs has attracted great attention in the community. Inspired by recent successes of large language models (LLMs) in natural language understanding, tremendous progress has been made by treating programming…

Machine Learning · Computer Science 2023-06-13 Jianyu Zhao , Yuyang Rong , Yiwen Guo , Yifeng He , Hao Chen