English
Related papers

Related papers: Is Stateful Fuzzing Really Challenging?

200 papers

Fuzz testing is a crucial component of software security assessment, yet its effectiveness heavily relies on valid fuzz drivers and diverse seed inputs. Recent advancements in Large Language Models (LLMs) offer transformative potential for…

Software Engineering · Computer Science 2025-03-04 Yiran Cheng , Hong Jin Kang , Lwin Khin Shar , Chaopeng Dong , Zhiqiang Shi , Shichao Lv , Limin Sun

Solid-State Drive (SSD) firmware manages complex internal states, including flash memory maintenance. Due to nondeterministic I/O operations, traditional testing methods struggle to rapidly achieve coverage of firmware code areas that…

Software Engineering · Computer Science 2025-05-07 Gangho Yoon , Eunseok Lee

Fuzzing has proven to be very effective for discovering certain classes of software flaws, but less effective in helping developers process these discoveries. Conventional crash-based fuzzers lack enough information about failures to…

Cryptography and Security · Computer Science 2024-11-04 Allison Naaktgeboren , Sean Noble Anderson , Andrew Tolmach , Greg Sullivan

Fuzz testing is a fundamental technique employed to identify vulnerabilities within software systems. However, the process can be protracted and resource-intensive, especially when confronted with extensive codebases. In this work, I…

Software Engineering · Computer Science 2024-12-12 Saket Upadhyay

Automated random testing has shown to be an effective approach to finding faults but still faces a major unsolved issue: how to generate test inputs diverse enough to find many faults and find them quickly. Stateful testing, the automated…

Software Engineering · Computer Science 2013-08-14 Yi Wei , Hannes Roth , Carlo A. Furia , Yu Pei , Alexander Horton , Michael Steindorfer , Martin Nordio , Bertrand Meyer

Accountable use of AI systems in high-stakes settings relies on making systems contestable. In this paper we study efforts to contest AI systems in practice by studying how public defenders scrutinize AI in court. We present findings from…

Computers and Society · Computer Science 2024-03-21 Angela Jin , Niloufar Salehi

Industrial Control Protocols (ICPs) are critical to the reliability and stability of industrial infrastructure, yet their security is fundamentally compromised by a specification-blindness bottleneck. Modern fuzzers, constrained by…

Cryptography and Security · Computer Science 2026-05-07 Jiaying Meng , Xuewei Feng , Qi Li , Min Liu , Ke Xu

Fuzzing is a commonly used technique designed to test software by automatically crafting program inputs. Currently, the most successful fuzzing algorithms emphasize simple, low-overhead strategies with the ability to efficiently monitor…

Software Engineering · Computer Science 2018-07-20 William Drozd , Michael D. Wagner

Fuzzing has proven to be a fundamental technique to automated software testing but also a costly one. With the increased adoption of CI/CD practices in software development, a natural question to ask is `What are the best ways to integrate…

Software Engineering · Computer Science 2022-06-08 Thijs Klooster , Fatih Turkmen , Gerben Broenink , Ruben ten Hove , Marcel Böhme

Robustness is a key concern for Rust library development because Rust promises no risks of undefined behaviors if developers use safe APIs only. Fuzzing is a practical approach for examining the robustness of programs. However, existing…

Software Engineering · Computer Science 2021-10-25 Jianfeng Jiang , Hui Xu , Yangfan Zhou

Fuzz testing to find semantic control vulnerabilities is an essential activity to evaluate the robustness of autonomous driving (AD) software. Whilst there is a preponderance of disparate fuzzing tools that target different parts of the…

Cryptography and Security · Computer Science 2025-04-16 Andrew Roberts , Lorenz Teply , Mert D. Pese , Olaf Maennel , Mohammad Hamad , Sebastian Steinhorst

In this paper, we introduce a comprehensive approach to bolstering the security, reliability, and comprehensibility of OpenAirInterface5G (OAI5G), an open-source software framework for the exploration, development, and testing of 5G…

Software Engineering · Computer Science 2023-09-25 Huan Wu , Brian Fang , Fei Xie

Fuzzing is a powerful technique for finding bugs in software libraries, but scaling it remains difficult. Automated harness generation commits to fixed API sequences at synthesis time, limiting the behaviors each harness can test.…

Software Engineering · Computer Science 2026-02-24 Harrison Green , Fraser Brown , Claire Le Goues

In this work, we set out to conduct the first ground-truth empirical evaluation of state-of-the-art DL fuzzers. Specifically, we first manually created an extensive DL bug benchmark dataset, which includes 627 real-world DL bugs from…

Software Engineering · Computer Science 2023-10-12 Nima Shiri Harzevili , Hung Viet Pham , Song Wang

Fuzzing has played an important role in improving software development and testing over the course of several decades. Recent research in fuzzing has focused on applications of machine learning (ML), offering useful tools to overcome…

Cryptography and Security · Computer Science 2019-10-11 Gary J Saavedra , Kathryn N Rodhouse , Daniel M Dunlavy , Philip W Kegelmeyer

In recent years, there has been a notable surge in attention towards hardware security, driven by the increasing complexity and integration of processors, SoCs, and third-party IPs aimed at delivering advanced solutions. However, this…

Cryptography and Security · Computer Science 2024-03-20 Raghul Saravanan , Sai Manoj Pudukotai Dinakarrao

The conventional wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Unfortunately, bugs, misconfigurations,…

Networking and Internet Architecture · Computer Science 2020-12-08 Apoorv Shukla , Said Jawad Saidi , Stefan Schmid , Marco Canini , Thomas Zinner , Anja Feldmann

Protocol implementations are stateful which makes them difficult to test: Sending the same test input message twice might yield a different response every time. Our proposal to consider a sequence of messages as a seed for coverage-directed…

Software Engineering · Computer Science 2025-04-30 Ruijie Meng , Van-Thuan Pham , Marcel Böhme , Abhik Roychoudhury

Fuzzing is a highly effective automated testing method for uncovering software vulnerabilities. Despite advances in fuzzing techniques, such as coverage-guided greybox fuzzing, many fuzzers struggle with coverage plateaus caused by fuzz…

Software Engineering · Computer Science 2025-10-07 Wentao Gao , Renata Borovica-Gajic , Sang Kil Cha , Tian Qiu , Van-Thuan Pham

Software vulnerabilities are constantly being reported and exploited in software products, causing significant impacts on society. In recent years, the main approach to vulnerability detection, fuzzing, has been integrated into the…

Software Engineering · Computer Science 2025-10-21 Tatsuya Shirai , Olivier Nourry , Yutaro Kashiwa , Kenji Fujiwara , Yasutaka Kamei , Hajimu Iida
‹ Prev 1 3 4 5 6 7 10 Next ›