English
Related papers

Related papers: Selecting Initial Seeds for Better JVM Fuzzing

200 papers

Fuzz testing is a crucial component of software security assessment, yet its effectiveness heavily relies on valid fuzz drivers and diverse seed inputs. Recent advancements in Large Language Models (LLMs) offer transformative potential for…

Software Engineering · Computer Science 2025-03-04 Yiran Cheng , Hong Jin Kang , Lwin Khin Shar , Chaopeng Dong , Zhiqiang Shi , Shichao Lv , Limin Sun

Fuzzing has been incredibly successful in uncovering bugs and vulnerabilities across diverse software systems. JSON parsers play a vital role in modern software development, and ensuring their reliability is of great importance. This…

Software Engineering · Computer Science 2024-10-31 Zhiyuan Zhong , Zhezhen Cao , Zhanwei Zhang

Fuzz Testing is a largely automated testing technique that provides random and unexpected input to a program in attempt to trigger failure conditions. Much of the research conducted thus far into Fuzz Testing has focused on developing…

Software Engineering · Computer Science 2019-07-30 Matthew Kelly , Christoph Treude , Alex Murray

We design and implement from scratch a new fuzzer called SIVO that refines multiple stages of grey-box fuzzing. First, SIVO refines data-flow fuzzing in two ways: (a) it provides a new taint inference engine that requires only logarithmic…

Cryptography and Security · Computer Science 2021-07-16 Ivica Nikolic , Radu Mantu , Shiqi Shen , Prateek Saxena

FuSeBMC is a test generator for finding security vulnerabilities in C programs. In earlier work [4], we described a previous version that incrementally injected labels to guide Bounded Model Checking (BMC) and Evolutionary Fuzzing engines…

Cryptography and Security · Computer Science 2021-12-22 Kaled M. Alshmrany , Mohannad Aldughaim , Ahmed Bhayat , Lucas C. Cordeiro

As blockchain smart contracts become more widespread and carry more valuable digital assets, they become an increasingly attractive target for attackers. Over the past few years, smart contracts have been subject to a plethora of…

Cryptography and Security · Computer Science 2023-12-12 Peng Qian , Hanjie Wu , Zeren Du , Turan Vural , Dazhong Rong , Zheng Cao , Lun Zhang , Yanbin Wang , Jianhai Chen , Qinming He

Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of…

Cryptography and Security · Computer Science 2017-06-02 Bhargava Shastry , Federico Maggi , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Fuzz testing is a fundamental technique employed to identify vulnerabilities within software systems. However, the process can be protracted and resource-intensive, especially when confronted with extensive codebases. In this work, I…

Software Engineering · Computer Science 2024-12-12 Saket Upadhyay

Coverage-based greybox fuzzing (CGF) has been approved to be effective in finding security vulnerabilities. Seed scheduling, the process of selecting an input as the seed from the seed pool for the next fuzzing iteration, plays a central…

Software Engineering · Computer Science 2022-06-16 Yiru Zhao , Xiaoke Wang , Lei Zhao , Yueqiang Cheng , Heng Yin

In recent years, there has been a notable surge in attention towards hardware security, driven by the increasing complexity and integration of processors, SoCs, and third-party IPs aimed at delivering advanced solutions. However, this…

Cryptography and Security · Computer Science 2024-03-20 Raghul Saravanan , Sai Manoj Pudukotai Dinakarrao

Most software that runs on computers undergoes processing by compilers. Since compilers constitute the fundamental infrastructure of software development, their correctness is paramount. Over the years, researchers have invested in…

Software Engineering · Computer Science 2023-06-19 Haoyang Ma

As with any fuzzer, directing Generator-Based Fuzzers (GBF) to reach particular code targets can increase the fuzzer's effectiveness. In previous work, coverage-guided fuzzers used a mix of static analysis, taint analysis, and…

Software Engineering · Computer Science 2026-01-21 Soha Hussein , Stephen McCamant , Mike Whalen

Among the many software vulnerability discovery techniques available today, fuzzing has remained highly popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of empirical evidence in discovering…

Cryptography and Security · Computer Science 2019-04-09 Valentin J. M. Manes , HyungSeok Han , Choongwoo Han , Sang Kil Cha , Manuel Egele , Edward J. Schwartz , Maverick Woo

Fuzzing is a widely used software security testing technique that is designed to identify vulnerabilities in systems by providing invalid or unexpected input. Continuous fuzzing systems like OSS-FUZZ have been successful in finding security…

Cryptography and Security · Computer Science 2023-07-04 Chaitanya Rahalkar

Hybrid testing combines fuzz testing and concolic execution. It leverages fuzz testing to test easy-to-reach code regions and uses concolic execution to explore code blocks guarded by complex branch conditions. However, its code…

Software Engineering · Computer Science 2019-06-19 Yaohui Chen , Peng Li , Jun Xu , Shengjian Guo , Rundong Zhou , Yulong Zhang , Taowei , Long Lu

Generation-based fuzzing produces appropriate test cases according to specifications of input grammars and semantic constraints to test systems and software. However, these specifications require significant manual effort to construct. This…

Cryptography and Security · Computer Science 2025-08-13 Chuyang Chen , Brendan Dolan-Gavitt , Zhiqiang Lin

Despite much recent interest in compiler randomized testing (fuzzing), the practical impact of fuzzer-found compiler bugs on real-world applications has barely been assessed. We present the first quantitative and qualitative study of the…

Software Engineering · Computer Science 2019-09-06 Michaël Marcozzi , Qiyi Tang , Alastair F. Donaldson , Cristian Cadar

Transient execution vulnerabilities have emerged as a critical threat to modern processors. Hardware fuzzing testing techniques have recently shown promising results in discovering transient execution bugs in large-scale out-of-order…

Hardware Architecture · Computer Science 2025-04-30 Jinyan Xu , Yangye Zhou , Xingzhi Zhang , Yinshuai Li , Qinhan Tan , Yinqian Zhang , Yajin Zhou , Rui Chang , Wenbo Shen

In the testing-retraining pipeline for enhancing the robustness property of deep learning (DL) models, many state-of-the-art robustness-oriented fuzzing techniques are metric-oriented. The pipeline generates adversarial examples as test…

Software Engineering · Computer Science 2024-07-18 Haipeng Wang , Zhengyuan Wei , Qilin Zhou , Wing-Kwong Chan

Bugs exist in hardware, such as CPU. Unlike software bugs, these hardware bugs need to be detected before deployment. Previous fuzzing work in CPU bug detection has several disadvantages, e.g., the length of RTL input instructions keeps…

Cryptography and Security · Computer Science 2024-01-31 Gen Zhang , Pengfei Wang , Tai Yue , Danjun Liu , Yubei Guo , Kai Lu
‹ Prev 1 4 5 6 7 8 10 Next ›