Memlock: Memory usage guided fuzzing
Uncontrolled memory consumption is a kind of critical software security weakness. It can
also become a security-critical vulnerability when attackers can take control of the input to …
Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization.
Coverage-based fuzzing has been actively studied and widely adopted for finding
vulnerabilities in real-world software applications. With coverage information, such as …
Send hardest problems my way: Probabilistic path prioritization for hybrid fuzzing
Hybrid fuzzing which combines fuzzing and concolic execution has become an advanced
technique for software vulnerability detection. Based on the observation that fuzzing and …
Understanding the reproducibility of crowd-reported security vulnerabilities
Today's software systems are increasingly relying on the “power of the crowd” to identify new
security vulnerabilities. And yet, it is not well understood how reproducible the crowd …
Sofi: Reflection-augmented fuzzing for JavaScript engines
JavaScript engines have been shown prone to security vulnerabilities, which can lead to
serious consequences due to their popularity. Fuzzing is an effective testing technique to …
An empirical study of OSS-Fuzz bugs
ZY Ding, C Le Goues - 2021 IEEE/ACM 18th International …, 2021 - ieeexplore.ieee.org
Continuous fuzzing is an increasingly popular technique for automated quality and security
assurance. Google maintains OSS-Fuzz: a continuous fuzzing service for open source …
Efficient feature extraction methodologies for unknown MP4-Malware detection using Machine learning algorithms
We are living in an era in which daily interaction between individuals and businesses
involves sending, uploading, and sharing videos as a means of communication and …
A large-scale empirical study on vulnerability distribution within projects and the lessons learned
B Liu, G Meng, W Zou, Q Gong, F Li, M Lin… - Proceedings of the …, 2020 - dl.acm.org
The number of vulnerabilities increases rapidly in recent years, due to advances in
vulnerability discovery solutions. It enables a thorough analysis on the vulnerability …
Airtaint: Making dynamic taint analysis faster and easier
Dynamic Taint Analysis (DTA) is a widely used data flow tracking technique and helps
security researchers in various applications, such as fuzzing and vulnerability analysis. One …
An empirical study of vulnerability discovery methods over the past ten years
In recent years, hundreds of vulnerability discovery methods have been proposed and
proven to be effective (i.e., Is Effective) by discovering thousands of vulnerabilities in real …