English
Related papers

Related papers: Selecting Initial Seeds for Better JVM Fuzzing

200 papers

Fuzzing is utilized for testing software and systems for cybersecurity risk via the automated adaptation of inputs. It facilitates the identification of software bugs and misconfigurations that may create vulnerabilities, cause abnormal…

Cryptography and Security · Computer Science 2023-06-08 Jack Hance , Jeremy Straub

Fuzzing is a well-established technique for detecting bugs and vulnerabilities. With the surge of fuzzers and fuzzer platforms being developed such as AFL and OSSFuzz rises the necessity to benchmark these tools' performance. A common…

Software Engineering · Computer Science 2025-03-26 Timothée Riom , Sabine Houy , Bruno Kreyssig , Alexandre Bartel

We present a coverage-guided testing algorithm for distributed systems implementations. Our main innovation is the use of an abstract formal model of the system that is used to define coverage. Such abstract models are frequently developed…

Software Engineering · Computer Science 2025-09-03 Ege Berkay Gulcan , Burcu Kulahcioglu Ozkan , Rupak Majumdar , Srinidhi Nagendra

Side-channel attacks allow an adversary to uncover secret program data by observing the behavior of a program with respect to a resource, such as execution time, consumed memory or response size. Side-channel vulnerabilities are difficult…

Cryptography and Security · Computer Science 2019-02-27 Shirin Nilizadeh , Yannic Noller , Corina S. Pasareanu

Fuzzing is a security testing methodology effective in finding bugs. In a nutshell, a fuzzer sends multiple slightly malformed messages to the software under test, hoping for crashes or weird system behaviour. The methodology is relatively…

Cryptography and Security · Computer Science 2023-01-09 Cristian Daniele , Seyed Behnam Andarzian , Erik Poll

Bug prediction is the process of training a machine learning model on software metrics and fault information to predict bugs in software entities. While feature selection is an important step in building a robust prediction model, there is…

Software Engineering · Computer Science 2018-07-13 Haidar Osman , Mohammad Ghafari , Oscar Nierstrasz

Recent research has sought to improve fuzzing performance via parallel computing. However, researchers focus on improving efficiency while ignoring the increasing cost of testing resources. Parallel fuzzing in the distributed environment…

Cryptography and Security · Computer Science 2022-11-16 Xu Zhou , Pengfei Wang , Chenyifan Liu , Tai Yue , Yingying Liu , Congxi Song , Kai Lu , Qidi Yin , Xu Han

Seed explosion is a fundamental problem in fuzzing seed scheduling, where a fuzzer maintains a huge corpus and fails to choose promising seeds. Existing works focus on seed prioritization but still suffer from seed explosion since corpus…

Software Engineering · Computer Science 2026-02-27 Yuchong Xie , Kaikai Zhang , Yu Liu , Rundong Yang , Ping Chen , Shuai Wang , Dongdong She

Blockchain smart contracts have given rise to a variety of interesting and compelling applications and emerged as a revolutionary force for the Internet. Quite a few practitioners have devoted themselves to developing tools for detecting…

Cryptography and Security · Computer Science 2023-01-13 Zhenguang Liu , Peng Qian , Jiaxu Yang , Lingfeng Liu , Xiaojun Xu , Qinming He , Xiaosong Zhang

With increasing technology developments, there is a massive number of websites with varying purposes. But a particular type exists within this large collection, the so-called phishing sites which aim to deceive their users. The main…

Networking and Internet Architecture · Computer Science 2020-02-19 Almaha Abuzuraiq , Mouhammd Alkasassbeh , Mohammad Almseidin

Fuzzing has become a cornerstone technique for uncovering vulnerabilities and enhancing the security of OS kernels. However, state-of-the-art kernel fuzzers, including the de facto standard Syzkaller, struggle to generate valid syscall…

Cryptography and Security · Computer Science 2025-10-13 Boyu Liu , Yang Zhang , Liang Cheng , Yi Zhang , Junjie Fan , Yu Fu

Background: Unsupervised machine learners have been increasingly applied to software defect prediction. It is an approach that may be valuable for software practitioners because it reduces the need for labeled training data. Objective:…

Software Engineering · Computer Science 2020-02-20 Ning Li , Martin Shepperd , Yuchen Guo

Programs expecting structured inputs often consist of both a syntactic analysis stage, which parses raw input, and a semantic analysis stage, which conducts checks on the parsed input and executes the core logic of the program.…

Software Engineering · Computer Science 2019-06-11 Rohan Padhye , Caroline Lemieux , Koushik Sen , Mike Papadakis , Yves Le Traon

Contemporary fuzz testing techniques focus on identifying memory corruption vulnerabilities that allow adversaries to achieve either remote code execution or information disclosure. Meanwhile, Algorithmic Complexity (AC)vulnerabilities,…

Cryptography and Security · Computer Science 2020-02-18 William Blair , Andrea Mambretti , Sajjad Arshad , Michael Weissbacher , William Robertson , Engin Kirda , Manuel Egele

Rust is a promising programming language that focuses on concurrency, usability, and security. It is used in production code by major industry players and got recommended by government bodies. Rust provides strong security guarantees…

Cryptography and Security · Computer Science 2025-05-06 David Paaßen , Jens-Rene Giesen , Lucas Davi

Context: Exhaustive fuzzing of modern JavaScript engines is infeasible due to the vast number of program states and execution paths. Coverage-guided fuzzers waste effort on low-risk inputs, often ignoring vulnerability-triggering ones that…

Software Engineering · Computer Science 2025-12-23 Kishan Kumar Ganguly , Tim Menzies

Greybox fuzzing is a lightweight testing approach that effectively detects bugs and security vulnerabilities. However, greybox fuzzers randomly mutate program inputs to exercise new paths; this makes it challenging to cover code that is…

Cryptography and Security · Computer Science 2018-07-23 Valentin Wüstholz , Maria Christakis

Fuzzing, a widely-used technique for bug detection, has seen advancements through Large Language Models (LLMs). Despite their potential, LLMs face specific challenges in fuzzing. In this paper, we identified five major challenges of…

Software Engineering · Computer Science 2024-04-26 Yu Jiang , Jie Liang , Fuchen Ma , Yuanliang Chen , Chijin Zhou , Yuheng Shen , Zhiyong Wu , Jingzhou Fu , Mingzhe Wang , ShanShan Li , Quan Zhang

A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting software vulnerabilities effectively and efficiently. To date, it is however still challenging to compare fuzzers due to the inconsistency of the…

Cryptography and Security · Computer Science 2020-10-06 Yuwei Li , Shouling Ji , Yuan Chen , Sizhuang Liang , Wei-Han Lee , Yueyao Chen , Chenyang Lyu , Chunming Wu , Raheem Beyah , Peng Cheng , Kangjie Lu , Ting Wang

Database Management System (DBMS) fuzzing is an automated testing technique aimed at detecting errors and vulnerabilities in DBMSs by generating, mutating, and executing test cases. It not only reduces the time and cost of manual testing…

Databases · Computer Science 2023-11-14 Xiyue Gao , Zhuang Liu , Jiangtao Cui , Hui Li , Hui Zhang , Kewei Wei , Kankan Zhao