English
Related papers

Related papers: Is Stateful Fuzzing Really Challenging?

200 papers

Federated learning (FL), as an emerging artificial intelligence (AI) approach, enables decentralized model training across multiple devices without exposing their local training data. FL has been increasingly gaining popularity in both…

Machine Learning · Computer Science 2023-10-23 Victoria Huang , Shaleeza Sohail , Michael Mayo , Tania Lorido Botran , Mark Rodrigues , Chris Anderson , Melanie Ooi

MLFuzz, a work accepted at ACM FSE 2023, revisits the performance of a machine learning-based fuzzer, NEUZZ. We demonstrate that its main conclusion is entirely wrong due to several fatal bugs in the implementation and wrong evaluation…

Cryptography and Security · Computer Science 2024-09-10 Dongdong She , Kexin Pei , Junfeng Yang , Baishakhi Ray , Suman Jana

Modern embedded Linux devices, such as routers, IP cameras, and IoT gateways, rely on complex software stacks where numerous daemons interact to provide services. Testing these devices is crucial from a security perspective since vendors…

Cryptography and Security · Computer Science 2025-09-23 Alessio Izzillo , Riccardo Lazzeretti , Emilio Coppa

Greybox fuzzing has achieved success in revealing bugs and vulnerabilities in programs. However, randomized mutation strategies have limited the fuzzer's performance on structured data. Specialized fuzzers can handle complex structured…

Cryptography and Security · Computer Science 2026-03-18 Hongxiang Zhang , Yuyang Rong , Yifeng He , Hao Chen

Statechart is a visual modelling language for systems. In this paper, we extend our earlier work on modular statecharts with local variables and present an updated operational semantics for statecharts with concurrency. Our variant of the…

Software Engineering · Computer Science 2023-07-12 Karthika Venkatesan , Sujit Kumar Chakrabarti

Directed fuzzing aims to find program inputs that lead to specified target program states. It has broad applications, such as debugging system crashes, confirming reported bugs, and generating exploits for potential vulnerabilities. This…

Cryptography and Security · Computer Science 2025-12-10 Jie Zhu , Chihao Shen , Ziyang Li , Jiahao Yu , Yizheng Chen , Kexin Pei

Security vulnerabilities in Internet-of-Things devices, mobile platforms, and autonomous systems remain critical. Traditional mutation-based fuzzers -- while effectively explore code paths -- primarily perform byte- or bit-level edits…

Software Engineering · Computer Science 2025-09-25 Mengdi Lu , Steven Ding , Furkan Alaca , Philippe Charland

In a buggy configurable system, configuration-dependent bugs cause the failures in only certain configurations due to unexpected interactions among features. Manually localizing configuration-dependent faults in configurable systems could…

Software Engineering · Computer Science 2019-11-20 Son Nguyen

As fuzz testing has passed its 30th anniversary, and in the face of the incredible progress in fuzz testing techniques and tools, the question arises if the classic, basic fuzz technique is still useful and applicable? In that tradition, we…

Software Engineering · Computer Science 2021-01-05 Barton P. Miller , Mengxiao Zhang , Elisa R. Heymann

Open-world video games present a broader search space than other video games, posing challenges for test automation. Fuzzing, which generates new inputs by mutating an initial input, is commonly used to uncover issues. In this study, we…

Software Engineering · Computer Science 2025-11-12 Yusaku Kato , Norihiro Yoshida , Erina Makihara , Katsuro Inoue

Network-facing applications are commonly exposed to all kinds of attacks, especially when connected to the internet. As a result, web servers like Nginx or client applications such as curl make every effort to secure and harden their code…

Cryptography and Security · Computer Science 2024-09-04 Nils Bars , Moritz Schloegel , Nico Schiller , Lukas Bernhard , Thorsten Holz

The emerging data-intensive applications are increasingly dependent on data-intensive scalable computing (DISC) systems, such as Apache Spark, to process large data. Despite their popularity, DISC applications are hard to test. In recent…

Software Engineering · Computer Science 2021-03-10 Qian Zhang , Jiyuan Wang , Muhammad Ali Gulzar , Rohan Padhye , Miryung Kim

Emulation-based fuzzers enable testing binaries without source code, and facilitate testing embedded applications where automated execution on the target hardware architecture is difficult and slow. The instrumentation techniques added to…

Cryptography and Security · Computer Science 2023-06-22 Michael Chesser , Surya Nepal , Damith C. Ranasinghe

This paper proposes a new fuzzy assessing procedure with application in management decision making. The proposed fuzzy approach build the membership functions for system characteristics of a standby repairable system. This method is used to…

Artificial Intelligence · Computer Science 2017-07-07 Shoele Jamali , Mehrdad J. Bani

Fuzzing is a widely used technique for detecting software bugs and vulnerabilities. Most popular fuzzers generate new inputs using an evolutionary search to maximize code coverage. Essentially, these fuzzers start with a set of seed inputs,…

Software Engineering · Computer Science 2020-09-14 Dongdong She , Rahul Krishna , Lu Yan , Suman Jana , Baishakhi Ray

Fuzzing is a popular technique for finding software bugs. However, the performance of the state-of-the-art fuzzers leaves a lot to be desired. Fuzzers based on symbolic execution produce quality inputs but run slow, while fuzzers based on…

Cryptography and Security · Computer Science 2018-03-28 Peng Chen , Hao Chen

This work investigates the potential of Federated Learning (FL) for official statistics and shows how well the performance of FL models can keep up with centralized learning methods.F L is particularly interesting for official statistics…

Machine Learning · Computer Science 2023-10-02 Joshua Stock , Oliver Hauke , Julius Weißmann , Hannes Federrath

Deep learning (DL) has attracted wide attention and has been widely deployed in recent years. As a result, more and more research efforts have been dedicated to testing DL libraries and frameworks. However, existing work largely overlooked…

Software Engineering · Computer Science 2024-01-02 Chenyuan Yang , Yinlin Deng , Jiayi Yao , Yuxing Tu , Hanchi Li , Lingming Zhang

Recent efforts in practical symbolic execution have successfully mitigated the path-explosion problem to some extent with search-based heuristics and compositional approaches. Similarly, due to an increase in the performance of cheap…

Software Engineering · Computer Science 2017-12-20 Saahil Ognawala , Ana Petrovska , Kristian Beckers

Recent research has sought to improve fuzzing performance via parallel computing. However, researchers focus on improving efficiency while ignoring the increasing cost of testing resources. Parallel fuzzing in the distributed environment…

Cryptography and Security · Computer Science 2022-11-16 Xu Zhou , Pengfei Wang , Chenyifan Liu , Tai Yue , Yingying Liu , Congxi Song , Kai Lu , Qidi Yin , Xu Han