A survey of protocol fuzzing

X Zhang, C Zhang, X Li, Z Du, B Mao, Y Li… - ACM Computing …, 2024 - dl.acm.org
Communication protocols form the bedrock of our interconnected world, yet vulnerabilities
within their implementations pose significant security threats. Recent developments have …

Fuzzers for stateful systems: Survey and Research Directions

C Daniele, SB Andarzian, E Poll - ACM Computing Surveys, 2024 - dl.acm.org
Fuzzing is a very effective testing methodology to find bugs. In a nutshell, a fuzzer sends
many slightly malformed messages to the software under test, hoping for crashes or …

Large language model guided protocol fuzzing

R Meng, M Mirchev, M Böhme… - Proceedings of the …, 2024 - ndss-symposium.org
How to find security flaws in a protocol implementation without a machine-readable
specification of the protocol? Facing the internet, protocol implementations are particularly …

SoK: Prudent evaluation practices for fuzzing

M Schloegel, N Bars, N Schiller… - … IEEE Symposium on …, 2024 - ieeexplore.ieee.org
Fuzzing has proven to be a highly effective approach to uncover software bugs over the past
decade. After AFL popularized the groundbreaking concept of lightweight coverage …

NSFuzz: Towards efficient and state-aware network service fuzzing

S Qin, F Hu, Z Ma, B Zhao, T Yin, C Zhang - ACM Transactions on …, 2023 - dl.acm.org
As an essential component responsible for communication, network services are security
critical, thus, it is vital to find their vulnerabilities. Fuzzing is currently one of the most popular …

Testing database engines via query plan guidance

J Ba, M Rigger - 2023 IEEE/ACM 45th International Conference …, 2023 - ieeexplore.ieee.org
Database systems are widely used to store and query data. Test oracles have been
proposed to find logic bugs in such systems, that is, bugs that cause the database system to …

SnapFuzz: high-throughput fuzzing of network applications

A Andronidis, C Cadar - Proceedings of the 31st ACM SIGSOFT …, 2022 - dl.acm.org
In recent years, fuzz testing has benefited from increased computational power and
important algorithmic advances, leading to systems that have discovered many critical bugs …

Bleem: Packet sequence oriented fuzzing for protocol implementations

Z Luo, J Yu, F Zuo, J Liu, Y Jiang, T Chen… - 32nd USENIX Security …, 2023 - usenix.org
Protocol implementations are essential components in network infrastructures. Flaws hidden
in the implementations can easily render devices vulnerable to adversaries. Therefore …

Evaluating and improving hybrid fuzzing

L Jiang, H Yuan, M Wu, L Zhang… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
To date, various hybrid fuzzers have been proposed for maximal program vulnerability
exposure by integrating the power of fuzzing strategies and concolic executors. While the …

Logos: Log guided fuzzing for protocol implementations

F Wu, Z Luo, Y Zhao, Q Du, J Yu, R Peng… - Proceedings of the 33rd …, 2024 - dl.acm.org
Network protocols are extensively used in a variety of network devices, making the security
of their implementations crucial. Protocol fuzzing has shown promise in uncovering …