Fuzzing: a survey for roadmap
Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …
Magma: A ground-truth fuzzing benchmark
High scalability and low running costs have made fuzz testing the de facto standard for
discovering software bugs. Fuzzing techniques are constantly being improved in a race to …
Seed selection for successful fuzzing
Mutation-based greybox fuzzing---unquestionably the most widely-used fuzzing technique---
relies on a set of non-crashing seed inputs (a corpus) to bootstrap the bug-finding process …
Nyx-net: network fuzzing with incremental snapshots
Coverage-guided fuzz testing ("fuzzing") has become mainstream and we have observed
lots of progress in this research area recently. However, it is still challenging to efficiently test …
Can large language models write good property-based tests?
Property-based testing (PBT), while an established technique in the software testing
research community, is still relatively underused in real-world software. Pain points in writing …
Rudra: finding memory safety bugs in Rust at the ecosystem scale
Rust is a promising system programming language that guarantees memory safety at
compile time. To support diverse requirements for system software such as accessing low …
Diane: Identifying fuzzing triggers in apps to generate under-constrained inputs for IoT devices
Internet of Things (IoT) devices have rooted themselves in the everyday life of billions of
people. Thus, researchers have applied automated bug finding techniques to improve their …
Confuzzius: A data dependency-aware hybrid fuzzer for smart contracts
Smart contracts are Turing-complete programs that are executed across a blockchain.
Unlike traditional programs, once deployed, they cannot be modified. As smart contracts …
Winnie: Fuzzing windows applications with harness synthesis and fast cloning
Fuzzing is an emerging technique to automatically validate programs and uncover bugs. It
has been widely used to test many programs and has found thousands of security …
Understanding large language model based fuzz driver generation
Fuzz drivers are a necessary component of API fuzzing. However, automatically generating
correct and robust fuzz drivers is a difficult task. Compared to existing approaches, LLM …