中文
相关论文

相关论文: FuzzPilot: Plateau-Triggered Recipe Validation for…

200 篇论文

Fuzzing is an effective technique for discovering software vulnerabilities by generating random test inputs and executing them against the target program. However, fuzzing large and complex programs remains challenging due to difficulties…

密码学与安全 · 计算机科学 2024-06-10 Dongdong She , Adam Storek , Yuchong Xie , Seoyoung Kweon , Prashast Srivastava , Suman Jana

Fuzz Testing techniques are the state of the art in software testing for security issues nowadays. Their great effectiveness attracted the attention of researchers and hackers and involved them in developing a lot of new techniques to…

密码学与安全 · 计算机科学 2021-02-09 Andrea Fioraldi , Luigi Paolo Pileggi

Fuzzing is one of the prevailing methods for vulnerability detection. However, even state-of-the-art fuzzing methods become ineffective after some period of time, i.e., the coverage hardly improves as existing methods are ineffective to…

密码学与安全 · 计算机科学 2021-12-15 Shunkai Zhu , Jingyi Wang , Jun Sun , Jie Yang , Xingwei Lin , Liyi Zhang , Peng Cheng

Fuzzing is an important dynamic program analysis technique designed for finding vulnerabilities in complex software. Fuzzing involves presenting a target program with crafted malicious input to cause crashes, buffer overflows, memory…

Since the advent of AFL, the use of mutational, feedback directed, grey-box fuzzers has become critical in the automated detection of security vulnerabilities. A great deal of research currently goes into their optimisation, including…

软件工程 · 计算机科学 2025-01-27 Daniel Blackwell , David Clark

In recent years, fuzz testing has proven itself to be one of the most effective techniques for finding correctness bugs and security vulnerabilities in practice. One particular fuzz testing tool, American Fuzzy Lop or AFL, has become…

软件工程 · 计算机科学 2018-07-31 Caroline Lemieux , Koushik Sen

Security vulnerabilities in Internet-of-Things devices, mobile platforms, and autonomous systems remain critical. Traditional mutation-based fuzzers -- while effectively explore code paths -- primarily perform byte- or bit-level edits…

软件工程 · 计算机科学 2025-09-25 Mengdi Lu , Steven Ding , Furkan Alaca , Philippe Charland

Fuzz testing (fuzzing) is a well-known method for exposing bugs/vulnerabilities in software systems. Popular fuzzers, such as AFL, use a biased random search over the domain of program inputs, where 100s or 1000s of inputs (test cases) are…

软件工程 · 计算机科学 2023-08-02 Yuntong Zhang , Ridwan Shariffdeen , Gregory J. Duck , Jiaqi Tan , Abhik Roychoudhury

Fuzzing continues to be the most effective method for identifying security vulnerabilities in software. In the context of fuzz testing, the fuzzer supplies varied inputs to fuzz targets, which are designed to comprehensively exercise…

软件工程 · 计算机科学 2026-01-21 Chi Thien Tran

Fuzzing has emerged as a powerful technique for finding security bugs in complicated real-world applications. American fuzzy lop (AFL), a leading fuzzing tool, has demonstrated its powerful bug finding ability through a vast number of…

密码学与安全 · 计算机科学 2023-07-06 Tai D. Nguyen , Long H. Pham , Jun Sun

Fuzzing is an automated software testing technique broadly adopted by the industry. A popular variant is mutation-based fuzzing, which discovers a large number of bugs in practice. While the research community has studied mutation-based…

软件工程 · 计算机科学 2022-10-24 Patrick Jauernig , Domagoj Jakobovic , Stjepan Picek , Emmanuel Stapf , Ahmad-Reza Sadeghi

Coverage-guided fuzzers are powerful automated bug-finding tools. They mutate program inputs, observe coverage, and save any input that hits an unexplored path for future mutation. Unfortunately, without knowledge of input formats--for…

密码学与安全 · 计算机科学 2025-07-09 Harrison Green , Claire Le Goues , Fraser Brown

Grey-box fuzzers such as American Fuzzy Lop (AFL) are popular tools for finding bugs and potential vulnerabilities in programs. While these fuzzers have been able to find vulnerabilities in many widely used programs, they are not efficient;…

人工智能 · 计算机科学 2018-11-26 Siddharth Karamcheti , Gideon Mann , David Rosenberg

Fuzzing is a widely used technique for discovering software vulnerabilities, but identifying hot bytes that influence program behavior remains challenging. Traditional taint analysis can track such bytes white-box, but suffers from…

密码学与安全 · 计算机科学 2025-06-11 Yuchong Xie , Wenhui Zhang , Dongdong She

In recent years, coverage-based greybox fuzzing has proven itself to be one of the most effective techniques for finding security bugs in practice. Particularly, American Fuzzy Lop (AFL for short) is deemed to be a great success in fuzzing…

密码学与安全 · 计算机科学 2019-01-24 Junjie Wang , Bihuan Chen , Lei Wei , Yang Liu

Ensuring the correctness of compiler optimizations is critical, but existing fuzzers struggle to test optimizations effectively. First, most fuzzers use optimization pipelines (heuristics-based, fixed sequences of passes) as their harness.…

软件工程 · 计算机科学 2025-12-05 Zitong Zhou , Ben Limpanukorn , Hong Jin Kang , Jiyuan Wang , Yaoxuan Wu , Akos Kiss , Renata Hodovan , Miryung Kim

Software fuzzing is a strong testing technique that has become the de facto approach for automated software testing and software vulnerability detection in the industry. The random nature of fuzzing makes monitoring and understanding the…

软件工程 · 计算机科学 2021-12-28 Aftab Hussain , Mohammad Amin Alipour

Modern fuzzers increasingly use Large Language Models (LLMs) to generate structured inputs, but LLM-driven fuzzing is sensitive to prompt initialization and sampling variance, which can reduce exploration efficiency and lead to redundant…

密码学与安全 · 计算机科学 2026-05-05 Mario Rodríguez Béjar , B. Romera-Paredes , Jose L. Hernández-Ramos

Fuzz testing, or "fuzzing," refers to a widely deployed class of techniques for testing programs by generating a set of inputs for the express purpose of finding bugs and identifying security flaws. Grey-box fuzzing, the most popular…

人工智能 · 计算机科学 2018-08-28 Siddharth Karamcheti , Gideon Mann , David Rosenberg

Fuzzing is a promising technique for detecting security vulnerabilities. Newly developed fuzzers are typically evaluated in terms of the number of bugs found on vulnerable programs/binaries. However,existing corpora usually do not capture…

软件工程 · 计算机科学 2019-05-07 Xiaogang Zhu , Xiaotao Feng , Tengyun Jiao , Sheng Wen , Yang Xiang , Seyit Camtepe , Jingling Xue
‹ 上一页 1 2 3 10 下一页 ›