English
Related papers

Related papers: FrameShift: Learning to Resize Fuzzer Inputs Witho…

200 papers

Coverage-based graybox fuzzer (CGF), such as AFL has gained great success in vulnerability detection thanks to its ease-of-use and bug-finding power. Since some code fragments such as memory allocation are more vulnerable than others,…

Cryptography and Security · Computer Science 2021-03-02 Wenshuo Wang , Liang Cheng , Yang Zhang

Appropriate test data is a crucial factor to reach success in dynamic software testing, e.g., fuzzing. Most of the real-world applications, however, accept complex structure inputs containing data surrounded by meta-data which is processed…

Software Engineering · Computer Science 2020-06-16 Morteza Zakeri Nasrabadi , Saeed Parsa , Akram Kalaee

Fuzzing has become a widely adopted technique for vulnerability discovery, yet it remains ineffective for structured-input programs due to strict syntactic constraints and limited semantic awareness. Traditional greybox fuzzers rely on…

Cryptography and Security · Computer Science 2026-04-21 Yihao Zou , Tianming Zheng , Futai Zou , Yue Wu

Modern fuzzers increasingly use Large Language Models (LLMs) to generate structured inputs, but LLM-driven fuzzing is sensitive to prompt initialization and sampling variance, which can reduce exploration efficiency and lead to redundant…

Cryptography and Security · Computer Science 2026-05-05 Mario Rodríguez Béjar , B. Romera-Paredes , Jose L. Hernández-Ramos

A greybox fuzzer is an automated software testing tool that generates new test inputs by applying randomly chosen mutators (e.g., flipping a bit or deleting a block of bytes) to a seed input in random order and adds all coverage-increasing…

Software Engineering · Computer Science 2026-04-24 Konstantinos Kitsios , Marcel Böhme , Alberto Bacchelli

Taint-style vulnerabilities comprise a majority of fuzzer discovered program faults. These vulnerabilities usually manifest as memory access violations caused by tainted program input. Although fuzzers have helped uncover a majority of…

Cryptography and Security · Computer Science 2017-06-02 Bhargava Shastry , Federico Maggi , Fabian Yamaguchi , Konrad Rieck , Jean-Pierre Seifert

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

Fuzzing is utilized for testing software and systems for cybersecurity risk via the automated adaptation of inputs. It facilitates the identification of software bugs and misconfigurations that may create vulnerabilities, cause abnormal…

Cryptography and Security · Computer Science 2023-06-08 Jack Hance , Jeremy Straub

Fuzzing is a promising technique for detecting security vulnerabilities. Newly developed fuzzers are typically evaluated in terms of the number of bugs found on vulnerable programs/binaries. However,existing corpora usually do not capture…

Software Engineering · Computer Science 2019-05-07 Xiaogang Zhu , Xiaotao Feng , Tengyun Jiao , Sheng Wen , Yang Xiang , Seyit Camtepe , Jingling Xue

Grey-box fuzzers such as American Fuzzy Lop (AFL) are popular tools for finding bugs and potential vulnerabilities in programs. While these fuzzers have been able to find vulnerabilities in many widely used programs, they are not efficient;…

Artificial Intelligence · Computer Science 2018-11-26 Siddharth Karamcheti , Gideon Mann , David Rosenberg

Fuzzing is an automated software testing technique broadly adopted by the industry. A popular variant is mutation-based fuzzing, which discovers a large number of bugs in practice. While the research community has studied mutation-based…

Software Engineering · Computer Science 2022-10-24 Patrick Jauernig , Domagoj Jakobovic , Stjepan Picek , Emmanuel Stapf , Ahmad-Reza Sadeghi

Mutation-based fuzzing is popular and effective in discovering unseen code and exposing bugs. However, only a few studies have concentrated on quantifying the importance of input bytes, which refers to the degree to which a byte contributes…

Cryptography and Security · Computer Science 2023-10-24 Kunpeng Zhang , Xiaogang Zhu , Xi Xiao , Minhui Xue , Chao Zhang , Sheng Wen

Jailbreaking large-language models (LLMs) involves testing their robustness against adversarial prompts and evaluating their ability to withstand prompt attacks that could elicit unauthorized or malicious responses. In this paper, we…

Cryptography and Security · Computer Science 2025-06-06 Aman Goel , Xian Carrie Wu , Zhe Wang , Dmitriy Bespalov , Yanjun Qi

In company with the data explosion over the past decade, deep neural network (DNN) based software has experienced unprecedented leap and is becoming the key driving force of many novel industrial applications, including many safety-critical…

Software Engineering · Computer Science 2018-11-19 Xiaofei Xie , Lei Ma , Felix Juefei-Xu , Hongxu Chen , Minhui Xue , Bo Li , Yang Liu , Jianjun Zhao , Jianxiong Yin , Simon See

In recent years, coverage-based greybox fuzzing has proven itself to be one of the most effective techniques for finding security bugs in practice. Particularly, American Fuzzy Lop (AFL for short) is deemed to be a great success in fuzzing…

Cryptography and Security · Computer Science 2019-01-24 Junjie Wang , Bihuan Chen , Lei Wei , Yang Liu

Software testing is becoming a critical part of the development cycle of embedded devices, enabling vulnerability detection. A well-studied approach of software testing is fuzz-testing (fuzzing), during which mutated input is sent to an…

Cryptography and Security · Computer Science 2019-08-15 Philip Sperl , Konstantin Böttinger

Fuzzing has become the de facto standard technique for finding software vulnerabilities. However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger software bugs. Most popular fuzzers use evolutionary guidance…

Cryptography and Security · Computer Science 2019-07-16 Dongdong She , Kexin Pei , Dave Epstein , Junfeng Yang , Baishakhi Ray , Suman Jana

Mutation-based fuzzing has become one of the most common vulnerability discovery solutions over the last decade. Fuzzing can be optimized when targeting specific programs, and given that, some studies have employed online optimization…

Cryptography and Security · Computer Science 2023-03-13 Yuki Koike , Hiroyuki Katsura , Hiromu Yakura , Yuma Kurogome

Exponential growth in embedded systems is driving the research imperative to develop fuzzers to automate firmware testing to uncover software bugs and security vulnerabilities. But, employing fuzzing techniques in this context present a…

Cryptography and Security · Computer Science 2023-01-18 Guy Farrelly , Michael Chesser , Damith C. Ranasinghe

Machine learning models are notoriously difficult to interpret and debug. This is particularly true of neural networks. In this work, we introduce automated software testing techniques for neural networks that are well-suited to discovering…

Machine Learning · Statistics 2018-07-31 Augustus Odena , Ian Goodfellow