Evaluating fuzz testing
Fuzz testing has enjoyed great success at discovering security critical bugs in real software.
Recently, researchers have devoted significant effort to devising new fuzzing techniques …
Hawkeye: Towards a desired directed grey-box fuzzer
Grey-box fuzzing is a practically effective approach to test real-world programs. However,
most existing grey-box fuzzers lack directedness, i.e. the capability of executing towards user …
Fuzzing: State of the art
H Liang, X Pei, X Jia, W Shen… - IEEE Transactions on …, 2018 - ieeexplore.ieee.org
As one of the most popular software testing techniques, fuzzing can find a variety of
weaknesses in a program, such as software bugs and vulnerabilities, by generating …
UNIFUZZ: A holistic and pragmatic metrics-driven platform for evaluating fuzzers
A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting
software vulnerabilities effectively and efficiently. To date, it is however still challenging to …
Typestate-guided fuzzer for discovering use-after-free vulnerabilities
Existing coverage-based fuzzers usually use the individual control flow graph (CFG) edge
coverage to guide the fuzzing process, which has shown great potential in finding …
Ethploit: From fuzzing to efficient exploit generation against smart contracts
Smart contracts, programs running on blockchain systems, leverage diverse decentralized
applications (DApps). Unfortunately, well-known smart contract platforms, Ethereum for …
Coverage guided, property based testing
Property-based random testing, exemplified by frameworks such as Haskell's QuickCheck,
works by testing an executable predicate (a property) on a stream of randomly generated …
DAFL: Directed grey-box fuzzing guided by data dependency
Despite growing research interest, existing directed grey-box fuzzers do not scale well with
program complexity. In this paper, we identify two major scalability challenges for current …
Taking control of SDN-based cloud systems via the data plane
Virtual switches are a crucial component of SDN-based cloud systems, enabling the
interconnection of virtual machines in a flexible and "software-defined" manner. This paper …
Learning input tokens for effective fuzzing
Modern fuzzing tools like AFL operate at a lexical level: They explore the input space of
tested programs one byte after another. For inputs with complex syntactical properties, this is …
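Two of the entries above describe mechanisms rather than results: the property-based testing entry (an executable predicate checked on a stream of generated inputs, with coverage feedback deciding which inputs to keep) and the "Learning input tokens" entry (AFL mutating one byte at a time, which struggles on inputs with syntactic structure). The script below is an added illustration written for this listing; it is not code from either paper or from AFL. It assumes a constructed toy target (a "NUM OP NUM" evaluator with a deliberate unchecked division), a hand-picked token dictionary, and Python's sys.settrace as a stand-in for real coverage instrumentation. It runs the same property under a byte-level mutator and a token-level mutator and reports which one finds a property violation and how many rounds it needed.

```python
import random
import sys
from typing import Callable, List, Optional, Set, Tuple

# Constructed target under test (hypothetical, not from any cited paper): a toy
# "NUM OP NUM" evaluator with one deliberate defect, unchecked division.
def evaluate(cmd: str) -> int:
    parts = cmd.split()
    if len(parts) != 3:
        raise ValueError("expected: NUM OP NUM")
    lhs, op, rhs = parts
    try:
        a, b = int(lhs), int(rhs)
    except ValueError:
        raise ValueError("operands must be integers") from None
    if op == "+":
        return a + b
    if op == "-":
        return a - b
    if op == "*":
        return a * b
    if op == "/":
        return a // b  # defect: b == 0 escapes as ZeroDivisionError
    raise ValueError("unknown operator")


def holds(cmd: str) -> bool:
    """The property: evaluate() returns an int or rejects input with ValueError.
    Any other exception is a bug, so the property fails."""
    try:
        return isinstance(evaluate(cmd), int)
    except ValueError:
        return True
    except Exception:
        return False


def run_traced(cmd: str) -> Tuple[bool, Set[int]]:
    """Check the property once; return (ok, line numbers of evaluate() hit)."""
    hit: Set[int] = set()
    target = evaluate.__code__

    def tracer(frame, event, arg):
        if frame.f_code is not target:
            return None  # only trace the function under test
        if event == "line":
            hit.add(frame.f_lineno)
        return tracer

    sys.settrace(tracer)
    try:
        ok = holds(cmd)
    finally:
        sys.settrace(None)
    return ok, hit


PRINTABLE = [chr(c) for c in range(32, 127)]
TOKENS = ["0", "1", "2", "7", "+", "-", "*", "/", "x"]  # assumed dictionary

Mutator = Callable[[random.Random, str], str]


def mutate_bytes(rng: random.Random, s: str) -> str:
    """AFL-style lexical mutation: overwrite, insert or delete one character."""
    chars = list(s)
    op = rng.randrange(3)
    if op == 0 and chars:
        chars[rng.randrange(len(chars))] = rng.choice(PRINTABLE)
    elif op == 1:
        chars.insert(rng.randrange(len(chars) + 1), rng.choice(PRINTABLE))
    elif chars:
        del chars[rng.randrange(len(chars))]
    return "".join(chars)


def mutate_tokens(rng: random.Random, s: str) -> str:
    """Token-level mutation: swap one whitespace-separated token for a
    dictionary token, so candidates stay close to the input grammar."""
    toks = s.split() or [""]
    toks[rng.randrange(len(toks))] = rng.choice(TOKENS)
    return " ".join(toks)


def fuzz(mutate: Mutator, seed_input: str = "1 + 2", rounds: int = 20000,
         seed: int = 1) -> Tuple[Optional[str], int, int]:
    """Coverage-guided property-based loop. Returns (counterexample or None,
    rounds used, distinct lines of evaluate() covered before the find)."""
    rng = random.Random(seed)
    corpus: List[str] = [seed_input]
    covered = run_traced(seed_input)[1]
    for i in range(1, rounds + 1):
        cand = mutate(rng, rng.choice(corpus))
        ok, hit = run_traced(cand)
        if not ok:
            return cand, i, len(covered)
        if not hit <= covered:  # new coverage: keep it as a mutation parent
            covered |= hit
            corpus.append(cand)
    return None, rounds, len(covered)


if __name__ == "__main__":
    for name, m in (("byte-level", mutate_bytes), ("token-level", mutate_tokens)):
        found, used, cov = fuzz(m)
        print(f"{name:11s} counterexample={found!r} rounds={used} lines={cov}")
```

The loop is the coverage-guided property-based testing idea in miniature: every generated input is checked against the predicate, and only inputs that reach new lines of the target join the corpus that later mutations draw from. Swapping the mutator shows the point of the token-learning entry: the byte-level mutator has to stumble onto "/" and "0" one printable character at a time, while the token-level mutator, which only ever emits dictionary tokens, reaches the unchecked division in far fewer rounds. Real fuzzers replace sys.settrace with compile-time instrumentation and learn the dictionary from the target instead of assuming it.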