Fuzzing: a survey for roadmap

X Zhu, S Wen, S Camtepe, Y Xiang - ACM Computing Surveys (CSUR), 2022 - dl.acm.org
Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …

Fuzzing vulnerability discovery techniques: Survey, challenges and future directions

C Beaman, M Redbourne, JD Mummery, S Hakak - Computers & Security, 2022 - Elsevier
Fuzzing is a powerful tool for vulnerability discovery in software, with much progress being
made in the field in recent years. There is limited literature available on the fuzzing …

FuzzBench: an open fuzzer benchmarking platform and service

J Metzman, L Szekeres, L Simon, R Sprabery… - Proceedings of the 29th …, 2021 - dl.acm.org
Fuzzing is a key tool used to reduce bugs in production software. At Google, fuzzing has
uncovered tens of thousands of bugs. Fuzzing is also a popular subject of academic …

Smartian: Enhancing smart contract fuzzing with static and dynamic data-flow analyses

J Choi, D Kim, S Kim, G Grieco… - 2021 36th IEEE/ACM …, 2021 - ieeexplore.ieee.org
Unlike traditional software, smart contracts have the unique organization in which a
sequence of transactions shares persistent states. Unfortunately, such a characteristic …

On the reliability of coverage-based fuzzer benchmarking

M Böhme, L Szekeres, J Metzman - Proceedings of the 44th International …, 2022 - dl.acm.org
Given a program where none of our fuzzers finds any bugs, how do we know which fuzzer is
better? In practice, we often look to code coverage as a proxy measure of fuzzer …

Harvey: A greybox fuzzer for smart contracts

V Wüstholz, M Christakis - Proceedings of the 28th ACM Joint Meeting …, 2020 - dl.acm.org
We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs
managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation …

UNIFUZZ: A holistic and pragmatic Metrics-Driven platform for evaluating fuzzers

Y Li, S Ji, Y Chen, S Liang, WH Lee, Y Chen… - 30th USENIX Security …, 2021 - usenix.org
A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting
software vulnerabilities effectively and efficiently. To date, it is however still challenging to …

SoK: Prudent evaluation practices for fuzzing

M Schloegel, N Bars, N Schiller… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Fuzzing has proven to be a highly effective approach to uncover software bugs over the past
decade. After AFL popularized the groundbreaking concept of lightweight coverage …

SymQEMU: Compilation-based symbolic execution for binaries

S Poeplau, A Francillon - NDSS 2021, Network and Distributed System …, 2021 - hal.science
Symbolic execution is a powerful technique for software analysis and bug detection.
Compilation-based symbolic execution is a recently proposed flavor that has been shown to …

Reinforcement learning-based hierarchical seed scheduling for greybox fuzzing

J Wang, C Song, H Yin - 2021 - escholarship.org
Coverage metrics play an essential role in greybox fuzzing. Recent work has shown that fine-
grained coverage metrics could allow a fuzzer to detect bugs that cannot be covered by …