Many security and software testing applications require checking whether certain properties
of a program hold for any possible usage scenario. For instance, a tool for identifying …

Android malware has been in an increasing trend in recent years due to the pervasiveness
of Android operating system. Android malware is installed and run on the smartphones …

In this paper, we present AFL++, a community-driven open-source tool that incorporates
state-of-the-art fuzzing research, to make the research comparable, reproducible …

An effective way to maximize code coverage in software tests is through dynamic symbolic
execution-a technique that uses constraint solving to systematically explore a program's …

Fuzzing is a popular technique for finding software bugs. However, the performance of the
state-of-the-art fuzzers leaves a lot to be desired. Fuzzers based on symbolic execution …

Recently, hybrid fuzzing has been proposed to address the limitations of fuzzing and
concolic execution by combining both approaches. The hybrid approach has shown its …

Speculative execution side-channel vulnerabilities in micro-architecture processors have
raised concerns about the security of Intel SGX. To understand clearly the security impact of …

Fuzzing is a simple yet effective approach to discover software bugs utilizing randomly
generated inputs. However, it is limited by coverage and cannot find bugs hidden in deep …

High scalability and low running costs have made fuzz testing the de facto standard for
discovering software bugs. Fuzzing techniques are constantly being improved in a race to …

Coverage-based fuzzing is one of the most effective techniques to find vulnerabilities, bugs
or crashes. However, existing techniques suffer from the difficulty in exercising the paths that …