SelectFuzz: Efficient directed fuzzing with selective path exploration

C Luo, W Meng, P Li - 2023 IEEE Symposium on Security and …, 2023 - ieeexplore.ieee.org
Directed grey-box fuzzers specialize in testing specific target code. They have been applied
to many security applications such as reproducing known crashes and detecting …

Greybox Fuzzing of Distributed Systems

R Meng, G Pîrlea, A Roychoudhury… - Proceedings of the 2023 …, 2023 - dl.acm.org
Grey-box fuzzing is the lightweight approach of choice for finding bugs in sequential
programs. It provides a balance between efficiency and effectiveness by conducting a …

Transformer-based vulnerability detection in code at EditTime: Zero-shot, few-shot, or fine-tuning?

A Chan, A Kharkar, RZ Moghaddam… - arXiv preprint arXiv …, 2023 - arxiv.org
Software vulnerabilities bear enterprises significant costs. Despite extensive efforts in
research and development of software vulnerability detection methods, uncaught …

A Usability Evaluation of AFL and libFuzzer with CS Students

S Plöger, M Meier, M Smith - Proceedings of the 2023 CHI Conference …, 2023 - dl.acm.org
In top-tier companies and academia, fuzzing has established itself as a valuable tool for
finding bugs. It is a tool created by experts for experts, and a lot of research is being invested …

The Human Side of Fuzzing: Challenges Faced by Developers During Fuzzing Activities

O Nourry, Y Kashiwa, B Lin, G Bavota… - ACM Transactions on …, 2023 - dl.acm.org
Fuzz testing, also known as fuzzing, is a software testing technique aimed at identifying
software vulnerabilities. In recent decades, fuzzing has gained increasing popularity in the …

SoK: Prudent Evaluation Practices for Fuzzing

M Schloegel, N Bars, N Schiller, L Bernhard… - arXiv preprint arXiv …, 2024 - arxiv.org
Fuzzing has proven to be a highly effective approach to uncover software bugs over the past
decade. After AFL popularized the groundbreaking concept of lightweight coverage …

HTFuzz: Heap Operation Sequence Sensitive Fuzzing

Y Yu, X Jia, Y Liu, Y Wang, Q Sang, C Zhang… - Proceedings of the 37th …, 2022 - dl.acm.org
Heap-based temporal vulnerabilities (i.e., use-after-free, double-free and null pointer
dereference) are highly sensitive to heap operation (e.g., memory allocation, deallocation …

Deep learning for coverage-guided fuzzing: How far are we?

S Li, X Xie, Y Lin, Y Li, R Feng, X Li… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Fuzzing is a widely-used software vulnerability discovery technology, many of which are
optimized using coverage-feedback. Recently, some techniques propose to train deep …

On the Effectiveness of Function-Level Vulnerability Detectors for Inter-Procedural Vulnerabilities

Z Li, N Wang, D Zou, Y Li, R Zhang, S Xu… - Proceedings of the …, 2024 - dl.acm.org
Software vulnerabilities are a major cyber threat and it is important to detect them. One
important approach to detecting vulnerabilities is to use deep learning while treating a …

SpecBCFuzz: Fuzzing LTL Solvers with Boundary Conditions

L Carvalho, R Degiovanni, M Cordy, N Aguirre… - Proceedings of the …, 2024 - dl.acm.org
LTL solvers check the satisfiability of Linear-time Temporal Logic (LTL) formulas and are
widely used for verifying and testing critical software systems. Thus, potential bugs in the …