… of temporal properties. Motivated by this observation and leveraging the recent progress …
fuzzing, we build a greybox fuzzing framework to find violations of Linear-time Temporal Logic (…

… to handle magic numbers and checksums in grey-box fuzzers. Sub-instruction Profiling.
While understanding how a large amount of logic can be encoded in a single comparison is not …

… Grey-box fuzzing is the lightweight approach of choice for finding bugs in sequential … for
greybox fuzz-testing of distributed systems. Unlike popular black-box distributed system fuzzers, …

… pose directed greybox fuzzing as an … fuzzing algorithm to find a target-reaching input as the
performance metric. Using our framework, we design a randomized directed greybox fuzzing …

… fuzzing is shown to be incapable of reproducing a vulnerability within 24 hours [1]. On the
other hand, the directed grey-box fuzzers … , a directed grey-box fuzzer that directly addresses …

… In this section, we will discuss scheduling algorithms for black- and grey-box fuzzing only;
scheduling in white-box fuzzing requires a complex setup unique to symbolic executors and …

… ABSTRACT Coverage-guided grey-box fuzzing for computer systems has been explored for
… of temporal logic in coverage-guided fuzzing and obtain a cyber-physical fuzzing framework…

… As we will discuss in §2.4.3, grey-box fuzzing is a variant of white-box fuzzing that can only
… for black- and greybox fuzzing only; scheduling in white-box fuzzing requires a complex …

… The key idea of the proposed methodology is to incorporate a quality assessment capability
into the Coverage-based Grey-box Fuzzing (CGF). CGF is one of the most promising …

… ) or use information derived from the program 𝑃 to guide test selection (eg, whitebox or
greybox fuzzing). In this paper we focus on greybox fuzzers, such as AFL, which collect branch …