English
Related papers

Related papers: FuzzEval: Assessing Fuzzers on Generating Context-…

200 papers

This paper presents a scalable, practical approach to quantifying information leaks in software; these errors are often overlooked and downplayed, but can seriously compromise security mechanisms such as address space layout randomisation…

Cryptography and Security · Computer Science 2025-01-27 Daniel Blackwell , Ingolf Becker , David Clark

Greybox fuzzing is one of the most popular methods for detecting software vulnerabilities, which conducts a biased random search within the program input space. To enhance its effectiveness in achieving deep coverage of program behaviors,…

Software Engineering · Computer Science 2026-05-06 Ruijie Meng , Gregory J. Duck , Abhik Roychoudhury

Collaborative fuzzing combines multiple individual fuzzers and dynamically chooses appropriate combinations for different programs. Unlike individual fuzzers that rely on specific assumptions, collaborative fuzzing relaxes assumptions on…

Cryptography and Security · Computer Science 2025-07-23 Wenxuan Shi , Hongwei Li , Jiahao Yu , Xinqian Sun , Wenbo Guo , Xinyu Xing

Fuzz testing proved its great effectiveness in finding software bugs in the latest years, however, there are still open challenges. Coverage-guided fuzzers suffer from the fact that covering a program point does not ensure the trigger of a…

Software Engineering · Computer Science 2020-12-22 Andrea Fioraldi

In vulnerability detection, machine learning has been used as an effective static analysis technique, although it suffers from a significant rate of false positives. Contextually, in vulnerability discovery, fuzzing has been used as an…

Cryptography and Security · Computer Science 2025-05-05 Gianpietro Castiglione , Marcello Maugeri , Giampaolo Bella

Kotlin is a relatively new programming language from JetBrains: its development started in 2010 with release 1.0 done in early 2016. The Kotlin compiler, while slowly and steadily becoming more and more mature, still crashes from time to…

Programming Languages · Computer Science 2020-12-14 Daniil Stepanov , Marat Akhin , Mikhail Belyaev

Mutation testing consists of generating test cases that detect faults injected into software (generating mutants) which its original test suite could not. By running such an augmented set of test cases, it may discover actual faults that…

Software Engineering · Computer Science 2024-06-05 Jaekwon Lee , Enrico Viganò , Fabrizio Pastore , Lionel Briand

Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the…

Networking and Internet Architecture · Computer Science 2014-02-12 G. Vijay Kumar , Ravikumar S. Raykundaliya , Dr. P. Naga Prasad

In future nuclear arms control treaties, it will be necessary to authenticate the hardware and software components of verification measurement systems, i.e., to ensure these systems are functioning as intended and have not been tampered…

Instrumentation and Detectors · Physics 2026-04-14 Jayson R Vavrek , Luozhong Zhou , Joshua Boverhof , Elisa R Heymann , Barton P Miller , Sean Peisert

Crash report analysis is a necessary step before developers begin fixing errors. Fuzzing or hybrid (with dynamic symbolic execution) fuzzing is often used in the secure development lifecycle. Modern fuzzers could produce many crashes and…

Cryptography and Security · Computer Science 2021-12-28 Georgy Savidov , Andrey Fedotov

Internet of Things (IoT) devices offer convenience through web interfaces, web VPNs, and other web-based services, all relying on the HTTP protocol. However, these externally exposed HTTP services resent significant security risks. Although…

Cryptography and Security · Computer Science 2024-11-20 Zhe Yang , Hao Peng , Yanling Jiang , Xingwei Li , Haohua Du , Shuhai Wang , Jianwei Liu

As deductive verifiers mature, their potential user base is growing from the initial core developers to other users. To convince external users of the suitability of verifiers, these tools must run reliably out of the box, give meaningful…

Software Engineering · Computer Science 2026-04-22 Wander Nauta , Marcus Gerhold , Marieke Huisman

Fuzzing is an effective technique for discovering software vulnerabilities by generating random test inputs and executing them against the target program. However, fuzzing large and complex programs remains challenging due to difficulties…

Cryptography and Security · Computer Science 2024-06-10 Dongdong She , Adam Storek , Yuchong Xie , Seoyoung Kweon , Prashast Srivastava , Suman Jana

Software engineers use regular expressions (regexes) across a wide range of domains and tasks. To support regexes, software projects must integrate a regex engine, whether provided natively by the language runtime (e.g., Python's re) or…

Software Engineering · Computer Science 2026-03-03 Berk Çakar , Dongyoon Lee , James C. Davis

Fuzzing has become a cornerstone technique for uncovering vulnerabilities and enhancing the security of OS kernels. However, state-of-the-art kernel fuzzers, including the de facto standard Syzkaller, struggle to generate valid syscall…

Cryptography and Security · Computer Science 2025-10-13 Boyu Liu , Yang Zhang , Liang Cheng , Yi Zhang , Junjie Fan , Yu Fu

Fuzzing is one of the most effective technique to identify potential software vulnerabilities. Most of the fuzzers aim to improve the code coverage, and there is lack of directedness (e.g., fuzz the specified path in a software). In this…

Cryptography and Security · Computer Science 2020-10-26 Xiaogang Zhu , Shigang Liu , Xian Li , Sheng Wen , Jun Zhang , Camtepe Seyit , Yang Xiang

Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I…

Cryptography and Security · Computer Science 2025-11-07 Shiyin Lin

The security of modern JavaScript (JS) engines is critical since they provide the primary defense mechanism for executing untrusted code on the web. The recent integration of WebAssembly (Wasm) has transformed these engines into complex…

Cryptography and Security · Computer Science 2026-03-20 Lingming Zhang , Binbin Zhao , Puzhuo Liu , Qinge Xie , Peng Di , Jianhai Chen , Shouling Ji

BACKGROUND: Software engineers must be vigilant in preventing and correcting vulnerabilities and other critical bugs. In servicing this need, numerous tools and techniques have been developed to assist developers. Fuzzers, by autonomously…

Software Engineering · Computer Science 2023-05-22 Brandon Keller , Andrew Meneely , Benjamin Meyers

Software testing is a critical aspect of software development, yet generating test cases remains a routine task for engineers. This paper presents a benchmark, CLOVER, to evaluate models' capabilities in generating and completing test cases…

Software Engineering · Computer Science 2025-02-14 Jiacheng Xu , Bo Pang , Jin Qu , Hiroaki Hayashi , Caiming Xiong , Yingbo Zhou
‹ Prev 1 8 9 10 Next ›