Fuzzing: a survey for roadmap
Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …
generates a large number of test cases and monitors the executions for defects. Fuzzing has …
Fuzzing vulnerability discovery techniques: Survey, challenges and future directions
C Beaman, M Redbourne, JD Mummery, S Hakak - Computers & Security, 2022 - Elsevier
Fuzzing is a powerful tool for vulnerability discovery in software, with much progress being
made in the field in recent years. There is limited literature available on the fuzzing …
made in the field in recent years. There is limited literature available on the fuzzing …
{AFL++}: Combining incremental steps of fuzzing research
A Fioraldi, D Maier, H Eißfeldt, M Heuse - 14th USENIX Workshop on …, 2020 - usenix.org
In this paper, we present AFL++, a community-driven open-source tool that incorporates
state-of-the-art fuzzing research, to make the research comparable, reproducible …
state-of-the-art fuzzing research, to make the research comparable, reproducible …
Evaluating fuzz testing
Fuzz testing has enjoyed great success at discovering security critical bugs in real software.
Recently, researchers have devoted significant effort to devising new fuzzing techniques …
Recently, researchers have devoted significant effort to devising new fuzzing techniques …
The art, science, and engineering of fuzzing: A survey
Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …
{QSYM}: A practical concolic execution engine tailored for hybrid fuzzing
Recently, hybrid fuzzing has been proposed to address the limitations of fuzzing and
concolic execution by combining both approaches. The hybrid approach has shown its …
concolic execution by combining both approaches. The hybrid approach has shown its …
[PDF][PDF] REDQUEEN: Fuzzing with Input-to-State Correspondence.
Automated software testing based on fuzzing has experienced a revival in recent years.
Especially feedback-driven fuzzing has become well-known for its ability to efficiently …
Especially feedback-driven fuzzing has become well-known for its ability to efficiently …
{MOPT}: Optimized mutation scheduling for fuzzers
Mutation-based fuzzing is one of the most popular vulnerability discovery solutions. Its
performance of generating interesting test cases highly depends on the mutation scheduling …
performance of generating interesting test cases highly depends on the mutation scheduling …
Learning to fuzz from symbolic execution with application to smart contracts
Fuzzing and symbolic execution are two complementary techniques for discovering software
vulnerabilities. Fuzzing is fast and scalable, but can be ineffective when it fails to randomly …
vulnerabilities. Fuzzing is fast and scalable, but can be ineffective when it fails to randomly …
Magma: A ground-truth fuzzing benchmark
High scalability and low running costs have made fuzz testing the de facto standard for
discovering software bugs. Fuzzing techniques are constantly being improved in a race to …
discovering software bugs. Fuzzing techniques are constantly being improved in a race to …