An empirical study of oss-fuzz bugs

ZY Ding, C Le Goues - 2021 IEEE/ACM 18th International …, 2021 - ieeexplore.ieee.org
Continuous fuzzing is an increasingly popular technique for automated quality and security
assurance. Google maintains OSS-Fuzz: a continuous fuzzing service for open source …

Better pay attention whilst fuzzing (2023)

S ZHU, J WANG, J SUN, J YANG, X LIN… - IEEE Transactions on … - ink.library.smu.edu.sg
Fuzzing is one of the prevailing methods for vulnerability detection. However, even state-of-
the-art fuzzing methods become ineffective after some period of time, i.e., the coverage hardly …

The human side of fuzzing: Challenges faced by developers during fuzzing activities

O Nourry, Y Kashiwa, B Lin, G Bavota… - ACM Transactions on …, 2023 - dl.acm.org
Fuzz testing, also known as fuzzing, is a software testing technique aimed at identifying
software vulnerabilities. In recent decades, fuzzing has gained increasing popularity in the …

Fuzzbench: an open fuzzer benchmarking platform and service

J Metzman, L Szekeres, L Simon, R Sprabery… - Proceedings of the 29th …, 2021 - dl.acm.org
Fuzzing is a key tool used to reduce bugs in production software. At Google, fuzzing has
uncovered tens of thousands of bugs. Fuzzing is also a popular subject of academic …

NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic

P Deng, Z Yang, L Zhang, G Yang, W Hong… - Proceedings of the …, 2023 - dl.acm.org
Fuzzing is one of the most popular and practical techniques for security analysis. In this
work, we aim to address the critical problem of high-quality input generation with a novel …

The use of likely invariants as feedback for fuzzers

A Fioraldi, DC D'Elia, D Balzarotti - 30th USENIX Security Symposium …, 2021 - usenix.org
While fuzz testing proved to be a very effective technique to find software bugs, open
challenges still exist. One of its main limitations is the fact that popular coverage-guided …

FuzzGuard: Filtering out unreachable inputs in directed grey-box fuzzing through deep learning

P Zong, T Lv, D Wang, Z Deng, R Liang… - 29th USENIX security …, 2020 - usenix.org
Recently, directed grey-box fuzzing (DGF) has become popular in the field of software testing.
Different from coverage-based fuzzing, whose goal is to increase code coverage for …

ParmeSan: Sanitizer-guided greybox fuzzing

S Österlund, K Razavi, H Bos, C Giuffrida - 29th USENIX Security …, 2020 - usenix.org
One of the key questions when fuzzing is where to look for vulnerabilities. Coverage-guided
fuzzers indiscriminately optimize for covering as much code as possible given that bug …

Suzzer: A vulnerability-guided fuzzer based on deep learning

Y Zhao, Y Li, T Yang, H Xie - International Conference on Information …, 2020 - Springer
Fuzzing is a simple and effective way to find software bugs. Most state-of-the-art fuzzers
focus on improving code coverage to enhance the possibility of causing crashes. However …

Fuzzing: On the exponential cost of vulnerability discovery

M Böhme, B Falk - Proceedings of the 28th ACM joint meeting on …, 2020 - dl.acm.org
We present counterintuitive results for the scalability of fuzzing. Given the same non-
deterministic fuzzer, finding the same bugs linearly faster requires linearly more machines …