English
Related papers

Related papers: SQLaser: Detecting DBMS Logic Bugs with Clause-Gui…

200 papers

Fuzzing is a widely used software security testing technique that is designed to identify vulnerabilities in systems by providing invalid or unexpected input. Continuous fuzzing systems like OSS-FUZZ have been successful in finding security…

Cryptography and Security · Computer Science 2023-07-04 Chaitanya Rahalkar

Multi-robot swarms play an essential role in complex missions including battlefield reconnaissance, agricultural pest monitoring, as well as disaster search and rescue. Unfortunately, given the complexity of swarm algorithms, logical…

Cryptography and Security · Computer Science 2025-10-06 Ruoyu Zhou , Zhiwei Zhang , Haocheng Han , Xiaodong Zhang , Zehan Chen , Jun Sun , Yulong Shen , Dehai Xu

Context: Exhaustive fuzzing of modern JavaScript engines is infeasible due to the vast number of program states and execution paths. Coverage-guided fuzzers waste effort on low-risk inputs, often ignoring vulnerability-triggering ones that…

Software Engineering · Computer Science 2025-12-23 Kishan Kumar Ganguly , Tim Menzies

As an infrastructure for data persistence and analysis, Database Management Systems (DBMSs) are the cornerstones of modern enterprise software. To improve their correctness, the industry has been applying blackbox fuzzing for decades.…

Software Engineering · Computer Science 2021-03-02 Mingzhe Wang , Zhiyong Wu , Xinyi Xu , Jie Liang , Chijin Zhou , Huafeng Zhang , Yu Jiang

Testing a program's capability to effectively handling errors is a significant challenge, given that program errors are relatively uncommon. To solve this, Software Fault Injection (SFI)-based fuzzing integrates SFI and traditional fuzzing,…

Cryptography and Security · Computer Science 2024-07-08 Jin Wei , Ping Chen , Jun Dai , Xiaoyan Sun , Zhihao Zhang , Chang Xu , Yi Wanga

Vector database management systems (VDBMSs) play a crucial role in facilitating semantic similarity searches over high-dimensional embeddings from diverse data sources. While VDBMSs are widely used in applications such as recommendation,…

Software Engineering · Computer Science 2025-06-04 Yinglin Xie , Xinyi Hou , Yanjie Zhao , Shenao Wang , Kai Chen , Haoyu Wang

How to search for bugs in 1,000 programs using a pre-existing fuzzer and a standard PC? We consider this problem and show that a well-designed strategy that determines which programs to fuzz and for how long can greatly impact the number of…

Cryptography and Security · Computer Science 2025-01-28 Ivica Nikolic , Racchit Jain

Fuzzing has become a commonly used approach to identifying bugs in complex, real-world programs. However, interpreters are notoriously difficult to fuzz effectively, as they expect highly structured inputs, which are rarely produced by most…

Cryptography and Security · Computer Science 2023-04-06 Christopher Salls , Chani Jindal , Jake Corina , Christopher Kruegel , Giovanni Vigna

Deep learning (DL) libraries are widely used in critical applications, where even subtle silent bugs can lead to serious consequences. While existing DL fuzzing techniques have made progress in detecting crashes, they inherently struggle to…

Software Engineering · Computer Science 2026-03-02 Kunpeng Zhang , Dongwei Xiao , Daoyuan Wu , Shuai Wang , Jiali Zhao , Yuanyi Lin , Tongtong Xu , Shaohua Wang

Recently, various automated testing approaches have been proposed that use specialized test oracles to find hundreds of logic bugs in mature, widely-used Database Management Systems (DBMSs). These test oracles require database and query…

Software Engineering · Computer Science 2026-01-27 Suyang Zhong , Manuel Rigger

Fuzzing has become a widely adopted technique for vulnerability discovery, yet it remains ineffective for structured-input programs due to strict syntactic constraints and limited semantic awareness. Traditional greybox fuzzers rely on…

Cryptography and Security · Computer Science 2026-04-21 Yihao Zou , Tianming Zheng , Futai Zou , Yue Wu

Domain Name System (DNS) is a critical component of the Internet. DNS resolvers, which act as the cache between DNS clients and DNS nameservers, are the central piece of the DNS infrastructure, essential to the scalability of DNS. However,…

Cryptography and Security · Computer Science 2023-10-06 Qifan Zhang , Xuesong Bai , Xiang Li , Haixin Duan , Qi Li , Zhou Li

As blockchain smart contracts become more widespread and carry more valuable digital assets, they become an increasingly attractive target for attackers. Over the past few years, smart contracts have been subject to a plethora of…

Cryptography and Security · Computer Science 2023-12-12 Peng Qian , Hanjie Wu , Zeren Du , Turan Vural , Dazhong Rong , Zheng Cao , Lun Zhang , Yanbin Wang , Jianhai Chen , Qinming He

BusyBox, an open-source software bundling over 300 essential Linux commands into a single executable, is ubiquitous in Linux-based embedded devices. Vulnerabilities in BusyBox can have far-reaching consequences, affecting a wide array of…

Software Engineering · Computer Science 2025-03-26 Asmita , Yaroslav Oliinyk , Michael Scott , Ryan Tsang , Chongzhou Fang , Houman Homayoun

Various automated testing approaches have been proposed for Database Management Systems (DBMSs). Many such approaches generate pairs of equivalent queries to identify bugs that cause DBMSs to compute incorrect results, and have found…

Software Engineering · Computer Science 2025-05-06 Suyang Zhong , Manuel Rigger

Fuzzing is utilized for testing software and systems for cybersecurity risk via the automated adaptation of inputs. It facilitates the identification of software bugs and misconfigurations that may create vulnerabilities, cause abnormal…

Cryptography and Security · Computer Science 2023-06-08 Jack Hance , Jeremy Straub

Deep Learning (DL) libraries such as PyTorch provide the core components to build major AI-enabled applications. Finding bugs in these libraries is important and challenging. Prior approaches have tackled this by performing either API-level…

Software Engineering · Computer Science 2025-09-19 Feiran Qin , M. M. Abid Naziri , Hengyu Ai , Saikat Dutta , Marcelo d'Amorim

The need to increase accuracy in detecting sophisticated cyber attacks poses a great challenge not only to the research community but also to corporations. So far, many approaches have been proposed to cope with this threat. Among them,…

Databases · Computer Science 2011-10-13 Huu Hoa Nguyen , Nouria Harbi , Jérôme Darmont

Fuzzing is an effective bug-finding technique but it struggles with complex systems like JavaScript engines that demand precise grammatical input. Recently, researchers have adopted language models for context-aware mutation in fuzzing to…

Cryptography and Security · Computer Science 2024-02-20 Jueon Eom , Seyeon Jeong , Taekyoung Kwon

Since 2020, automated testing for Database Management Systems (DBMSs) has flourished, uncovering hundreds of bugs in widely-used systems. A cornerstone of these techniques is test oracle, which typically implements a mechanism to generate…

Databases · Computer Science 2026-03-26 Qiuyang Mang , Runyuan He , Suyang Zhong , Xiaoxuan Liu , Huanchen Zhang , Alvin Cheung