A systematic review of fuzzing

X Zhao, H Qu, J Xu, X Li, W Lv, GG Wang - Soft Computing, 2024 - Springer
Fuzzing is an important technique in software and security testing that involves continuously
generating a large number of test cases against target programs to discover unexpected …

MINER: A Hybrid Data-Driven Approach for REST API Fuzzing

C Lyu, J Xu, S Ji, X Zhang, Q Wang, B Zhao… - 32nd USENIX Security …, 2023 - usenix.org
In recent years, REST API fuzzing has emerged to explore errors on a cloud service. Its
performance highly depends on the sequence construction and request generation …

Learning seed-adaptive mutation strategies for greybox fuzzing

M Lee, S Cha, H Oh - 2023 IEEE/ACM 45th International …, 2023 - ieeexplore.ieee.org
In this paper, we present a technique for learning seed-adaptive mutation strategies for
fuzzers. The performance of mutation-based fuzzers highly depends on the mutation …

A novel combinatorial testing approach with fuzzing strategy

J Chen, J Chen, S Cai, H Chen… - Journal of Software …, 2023 - Wiley Online Library
Combinatorial testing (CT) is considered as a practical approach to detect software faults,
which has arisen from the interaction between factors affecting the software behavior …

FCEVAL: An effective and quantitative platform for evaluating fuzzer combinations fairly and easily

X Zhao, C Yang, Z Jia, Y Wang, J Ma - Computers & Security, 2023 - Elsevier
Multiple base fuzzers collaborate as a fuzzer combination. Fuzzer combinations have been
proven to perform more robustly and efficiently when fuzzing complicated real-world …

FuzzInMem: Fuzzing Programs via In-memory Structures

X Liu, W You, Y Ye, Z Zhang, J Huang… - Proceedings of the IEEE …, 2024 - dl.acm.org
In recent years, coverage-based greybox fuzzing has proven to be an effective and practical
technique for discovering software vulnerabilities. The availability of American Fuzzy Lop …

BazzAFL: Moving Fuzzing Campaigns Towards Bugs Via Grouping Bug-Oriented Seeds

K Ye, X Zhu, X Xiao, S Wen, M Xue… - IEEE Transactions on …, 2024 - ieeexplore.ieee.org
As one of the most successful techniques in hunting software bugs, Coverage-guided
Greybox Fuzzing (CGF) intends to move fuzzing campaigns towards executions that can …

Explainable fuzzer evaluation

D Wolff, M Böhme, A Roychoudhury - arXiv preprint arXiv:2212.09519, 2022 - arxiv.org
While the aim of fuzzer evaluation is to establish fuzzer performance in general, an
evaluation is always conducted on a specific benchmark. In this paper, we investigate the …

Not All Seeds Are Important: Fuzzing Guided by Untouched Edges

C Xie, P Jia, P Yang, C Hu, H Kuang, G Ye, X Hong - Applied Sciences, 2023 - mdpi.com
Coverage-guided greybox fuzzing (CGF) has become the mainstream technology used in
the field of vulnerability mining, which has been proven to be effective. Seed scheduling, the …

LinFuzz: Program-Sensitive Seed Scheduling Greybox Fuzzing Based on LinUCB Algorithm

Y Su, D Xiong, Y Wan, C Shi, Q Zeng - IEEE Access, 2024 - ieeexplore.ieee.org
The mutation-based greybox fuzz testing technique is one of the widely used dynamic
vulnerability detection techniques. It generates testcases for testing by mutating input seeds …