Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …

Fuzzing is a powerful tool for vulnerability discovery in software, with much progress being
made in the field in recent years. There is limited literature available on the fuzzing …

Vulnerability identification is crucial to protect the software systems from attacks for cyber
security. It is especially important to localize the vulnerable functions among the source code …

Server fuzzing is difficult. Unlike simple command-line tools, servers feature a massive state
space that can be traversed effectively only with well-defined sequences of input messages …

High scalability and low running costs have made fuzz testing the de facto standard for
discovering software bugs. Fuzzing techniques are constantly being improved in a race to …

Context: Zero-day vulnerabilities are highly destructive and sudden. However, traditional
static and dynamic testing methods cannot efficiently detect them. Objective: In this paper, a …

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past
decade. After AFL popularized the groundbreaking concept of lightweight coverage …

Coverage-based greybox fuzzing (CGF) is one of the most successful approaches for
automated vulnerability detection. Given a seed file (as a sequence of bits), a CGF randomly …

Mutation-based greybox fuzzing---unquestionably the most widely-used fuzzing technique---
relies on a set of non-crashing seed inputs (a corpus) to bootstrap the bug-finding process …

Hardware flaws are permanent and potent: hardware cannot be patched once fabricated,
and any flaws may undermine even formally verified software executing on top …