Demystify the fuzzing methods: A comprehensive survey

S Mallissery, YS Wu - ACM Computing Surveys, 2023 - dl.acm.org
Massive software applications possess complex data structures or parse complex data
structures; in such cases, vulnerabilities in the software become inevitable. The …

A systematic review of fuzzing based on machine learning techniques

Y Wang, P Jia, L Liu, C Huang, Z Liu - PloS one, 2020 - journals.plos.org
Security vulnerabilities play a vital role in network security systems. Fuzzing technology is
widely used as a vulnerability discovery technology to reduce damage in advance …

EcoFuzz: Adaptive Energy-Saving greybox fuzzing as a variant of the adversarial Multi-Armed bandit

T Yue, P Wang, Y Tang, E Wang, B Yu, K Lu… - 29th USENIX Security …, 2020 - usenix.org
Fuzzing is one of the most effective approaches for identifying security vulnerabilities. As a
state-of-the-art coverage-based greybox fuzzer, AFL is a highly effective and widely used …

UNIFUZZ: A holistic and pragmatic Metrics-Driven platform for evaluating fuzzers

Y Li, S Ji, Y Chen, S Liang, WH Lee, Y Chen… - 30th USENIX Security …, 2021 - usenix.org
A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting
software vulnerabilities effectively and efficiently. To date, it is however still challenging to …

Full-speed fuzzing: Reducing fuzzing overhead through coverage-guided tracing

S Nagy, M Hicks - 2019 IEEE Symposium on Security and …, 2019 - ieeexplore.ieee.org
Coverage-guided fuzzing is one of the most successful approaches for discovering software
bugs and security vulnerabilities. Of its three main components: (1) test case generation, (2) …

Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization.

Y Wang, X Jia, Y Liu, K Zeng, T Bao, D Wu, P Su - NDSS, 2020 - wcventure.github.io
Coverage-based fuzzing has been actively studied and widely adopted for finding
vulnerabilities in real-world software applications. With coverage information, such as …

Mobfuzz: Adaptive multi-objective optimization in gray-box fuzzing

G Zhang, P Wang, T Yue, X Kong, S Huang… - arXiv preprint arXiv …, 2024 - arxiv.org
Coverage-guided gray-box fuzzing (CGF) is an efficient software testing technique. There
are usually multiple objectives to optimize in CGF. However, existing CGF methods cannot …

Breaking through binaries: Compiler-quality instrumentation for better binary-only fuzzing

S Nagy, A Nguyen-Tuong, JD Hiser… - 30th USENIX Security …, 2021 - usenix.org
Coverage-guided fuzzing is one of the most effective software security testing techniques.
Fuzzing takes on one of two forms: compiler-based or binary-only, depending on the …

Basesafe: Baseband sanitized fuzzing through emulation

D Maier, L Seidel, S Park - Proceedings of the 13th ACM conference on …, 2020 - dl.acm.org
Rogue base stations are an effective attack vector. Cellular basebands represent a critical
part of the smartphone's security: they parse large amounts of data even before …

Stochfuzz: Sound and cost-effective fuzzing of stripped binaries by incremental and stochastic rewriting

Z Zhang, W You, G Tao, Y Aafer, X Liu… - 2021 IEEE Symposium …, 2021 - ieeexplore.ieee.org
Fuzzing stripped binaries poses many hard challenges as fuzzers require instrumenting
binaries to collect runtime feedback for guiding input mutation. However, due to the lack of …