Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …

Security attacks abuse software vulnerabilities of IoT devices; hence, detecting and
eliminating these vulnerabilities immediately are crucial. Fuzzing is an efficient method to …

In this paper, we present AFL++, a community-driven open-source tool that incorporates
state-of-the-art fuzzing research, to make the research comparable, reproducible …

Fuzzing is a key tool used to reduce bugs in production software. At Google, fuzzing has
uncovered tens of thousands of bugs. Fuzzing is also a popular subject of academic …

Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

Unlike traditional software, smart contracts have the unique organization in which a
sequence of transactions shares persistent states. Unfortunately, such a characteristic …

The release of AFL marked an important milestone in the area of software security testing,
revitalizing fuzzing as a major research topic and spurring a large number of research …

Data flow analysis (eg, dynamic taint analysis) has proven to be useful for guiding fuzzers to
explore hard-to-reach code and find vulnerabilities. However, traditional taint analysis is …

One of the key questions when fuzzing is where to look for vulnerabilities. Coverage-guided
fuzzers indiscriminately optimize for covering as much code as possible given that bug …

Many protocol implementations are reactive systems, where the protocol process is in
continuous interaction with other processes and the environment. If a bug can be exposed …