English
Related papers

Related papers: HOPPER: Interpretative Fuzzing for Libraries

200 papers

Despite its long-standing popularity and fundamental role in an operating system, the Unix shell has rarely been a subject of academic research. In particular, regardless of the significant progress in compiler testing, there has been…

Software Engineering · Computer Science 2024-08-02 Riccardo Felici , Laura Pozzi , Carlo A. Furia

A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting software vulnerabilities effectively and efficiently. To date, it is however still challenging to compare fuzzers due to the inconsistency of the…

Cryptography and Security · Computer Science 2020-10-06 Yuwei Li , Shouling Ji , Yuan Chen , Sizhuang Liang , Wei-Han Lee , Yueyao Chen , Chenyang Lyu , Chunming Wu , Raheem Beyah , Peng Cheng , Kangjie Lu , Ting Wang

Fuzzing has proven to be a fundamental technique to automated software testing but also a costly one. With the increased adoption of CI/CD practices in software development, a natural question to ask is `What are the best ways to integrate…

Software Engineering · Computer Science 2022-06-08 Thijs Klooster , Fatih Turkmen , Gerben Broenink , Ruben ten Hove , Marcel Böhme

Expressing class specifications via executable constraints is important for various software engineering tasks such as test generation, bug finding and automated debugging, but developers rarely write them. Techniques that infer…

Software Engineering · Computer Science 2022-01-27 Facundo Molina , Marcelo d'Amorim , Nazareno Aguirre

In vulnerability detection, machine learning has been used as an effective static analysis technique, although it suffers from a significant rate of false positives. Contextually, in vulnerability discovery, fuzzing has been used as an…

Cryptography and Security · Computer Science 2025-05-05 Gianpietro Castiglione , Marcello Maugeri , Giampaolo Bella

Tracing the sequence of library and system calls that a program makes is very helpful in the characterization of its interactions with the surrounding environment and ultimately of its semantics. Due to entanglements of real-world software…

Cryptography and Security · Computer Science 2024-10-30 Daniele Cono D'Elia , Simone Nicchi , Matteo Mariani , Matteo Marini , Federico Palmaro

Hybrid testing approaches that involve fuzz testing and symbolic execution have shown promising results in achieving high code coverage, uncovering subtle errors and vulnerabilities in a variety of software applications. In this paper we…

Software Engineering · Computer Science 2018-06-11 Yannic Noller , Rody Kersten , Corina S. Păsăreanu

Fuzzing is a technique of finding bugs by executing a software recurrently with a large number of abnormal inputs. Most of the existing fuzzers consider all parts of a software equally, and pay too much attention on how to improve the code…

Cryptography and Security · Computer Science 2019-01-07 Yuwei Li , Shouling Ji , Chenyang Lv , Yuan Chen , Jianhai Chen , Qinchen Gu , Chunming Wu

ProSper is a python library containing probabilistic algorithms to learn dictionaries. Given a set of data points, the implemented algorithms seek to learn the elementary components that have generated the data. The library widens the scope…

Signal Processing · Electrical Eng. & Systems 2019-08-20 Georgios Exarchakis , Jörg Bornschein , Abdul-Saboor Sheikh , Zhenwen Dai , Marc Henniges , Jakob Drefs , Jörg Lücke

We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation approach that effectively detects bugs and security vulnerabilities.…

Software Engineering · Computer Science 2019-05-17 Valentin Wüstholz , Maria Christakis

Programming errors that degrade the performance of systems are widespread, yet there is little tool support for analyzing these bugs. We present a method based on differential performance analysis---we find inputs for which the performance…

Machine Learning · Computer Science 2020-06-04 Saeid Tizpaz-Niari , Pavol Cerný , Ashutosh Trivedi

Coverage-guided fuzzing has been widely applied to address zero-day vulnerabilities in general-purpose software and operating systems. This approach relies on instrumenting the target code at compile time. However, applying it to industrial…

Cryptography and Security · Computer Science 2026-05-12 Carmine Cesarano , Roberto Natella

Fuzzing is a widely used technique for detecting software bugs and vulnerabilities. Most popular fuzzers generate new inputs using an evolutionary search to maximize code coverage. Essentially, these fuzzers start with a set of seed inputs,…

Software Engineering · Computer Science 2020-09-14 Dongdong She , Rahul Krishna , Lu Yan , Suman Jana , Baishakhi Ray

Fuzzing is an important dynamic program analysis technique designed for finding vulnerabilities in complex software. Fuzzing involves presenting a target program with crafted malicious input to cause crashes, buffer overflows, memory…

Semantic understanding of programs has attracted great attention in the community. Inspired by recent successes of large language models (LLMs) in natural language understanding, tremendous progress has been made by treating programming…

Machine Learning · Computer Science 2023-06-13 Jianyu Zhao , Yuyang Rong , Yiwen Guo , Yifeng He , Hao Chen

This paper introduces Pythia, the first fuzzer that augments grammar-based fuzzing with coverage-guided feedback and a learning-based mutation strategy for stateful REST API fuzzing. Pythia uses a statistical model to learn common usage…

Software Engineering · Computer Science 2020-05-26 Vaggelis Atlidakis , Roxana Geambasu , Patrice Godefroid , Marina Polishchuk , Baishakhi Ray

Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov…

Artificial Intelligence · Computer Science 2018-01-16 Konstantin Böttinger , Patrice Godefroid , Rishabh Singh

Many business processes currently depend on web services, often using REST APIs for communication. REST APIs expose web service functionality through endpoints, allowing easy client interaction over the Internet. To reduce the security risk…

Software Engineering · Computer Science 2026-03-26 Thomas Rooijakkers , Anne Nijsten , Cristian Daniele , Erieke Weitenberg , Ringo Groenewegen , Arthur Melissen

The increasing complexity of modern processors poses many challenges to existing hardware verification tools and methodologies for detecting security-critical bugs. Recent attacks on processors have shown the fatal consequences of…

Cryptography and Security · Computer Science 2022-01-26 Aakash Tyagi , Addison Crump , Ahmad-Reza Sadeghi , Garrett Persyn , Jeyavijayan Rajendran , Patrick Jauernig , Rahul Kande

Fuzz Testing techniques are the state of the art in software testing for security issues nowadays. Their great effectiveness attracted the attention of researchers and hackers and involved them in developing a lot of new techniques to…

Cryptography and Security · Computer Science 2021-02-09 Andrea Fioraldi , Luigi Paolo Pileggi
‹ Prev 1 3 4 5 6 7 10 Next ›