Fuzzing: a survey for roadmap
Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It
generates a large number of test cases and monitors the executions for defects. Fuzzing has …
Evaluating fuzz testing
Fuzz testing has enjoyed great success at discovering security critical bugs in real software.
Recently, researchers have devoted significant effort to devising new fuzzing techniques …
Collafl: Path sensitive fuzzing
Coverage-guided fuzzing is a widely used and effective solution to find software
vulnerabilities. Tracking code coverage and utilizing it to guide fuzzing are crucial to …
MOPT: Optimized mutation scheduling for fuzzers
Mutation-based fuzzing is one of the most popular vulnerability discovery solutions. Its
performance of generating interesting test cases highly depends on the mutation scheduling …
Magma: A ground-truth fuzzing benchmark
High scalability and low running costs have made fuzz testing the de facto standard for
discovering software bugs. Fuzzing techniques are constantly being improved in a race to …
Neuzz: Efficient fuzzing with neural program smoothing
Fuzzing has become the de facto standard technique for finding software vulnerabilities.
However, even state-of-the-art fuzzers are not very efficient at finding hard-to-trigger …
Superion: Grammar-aware greybox fuzzing
In recent years, coverage-based greybox fuzzing has proven itself to be one of the most
effective techniques for finding security bugs in practice. Particularly, American Fuzzy Lop …
GREYONE: Data flow sensitive fuzzing
Data flow analysis (e.g., dynamic taint analysis) has proven to be useful for guiding fuzzers to
explore hard-to-reach code and find vulnerabilities. However, traditional taint analysis is …
Smart greybox fuzzing
Coverage-based greybox fuzzing (CGF) is one of the most successful approaches for
automated vulnerability detection. Given a seed file (as a sequence of bits), a CGF randomly …
Perffuzz: Automatically generating pathological inputs
Performance problems in software can arise unexpectedly when programs are provided with
inputs that exhibit worst-case behavior. A large body of work has focused on diagnosing …