survey

Demystify the Fuzzing Methods: A Comprehensive Survey

Authors:

Sanoop Mallissery,

Yu-Sung WuAuthors Info & Claims

ACM Computing Surveys, Volume 56, Issue 3

Article No.: 71, Pages 1 - 38

https://doi.org/10.1145/3623375

Published: 05 October 2023 Publication History

Abstract

Massive software applications possess complex data structures or parse complex data structures; in such cases, vulnerabilities in the software become inevitable. The vulnerabilities are the source of cyber-security threats, and discovering this before the software deployment is challenging. Fuzzing is a vulnerability discovery solution that resonates with random-mutation, feedback-driven, coverage-guided, constraint-guided, seed-scheduling, and target-oriented strategies. Each technique is wrapped beneath the black-, white-, and grey-box fuzzers to uncover diverse vulnerabilities. It consists of methods such as identifying structural information about the test cases to detect security vulnerabilities, symbolic and concrete program states to explore the unexplored locations, and full semantics of code coverage to create new test cases. We methodically examine each kind of fuzzers and contemporary fuzzers with a profound observation that addresses various research questions and systematically reviews and analyze the gaps and their solutions. Our survey comprised the recent related works on fuzzing techniques to demystify the fuzzing methods concerning the application domains and the target that, in turn, achieves higher code coverage and sound vulnerability detection.

References

[1]

Adobe 2021. Living off the Land (LotL) Classifier. Retrieved from https://github.com/adobe/libLOL

[2]

armDeveloper 2011. Embedded Trace Macrocell Architecture Specification in versions of the ARM architecture: ETMv1.0 to ETMv3.5. Retrieved from https://developer.arm.com/documentation/ihi0014/latest

[3]

Cornelius Aschermann, Tommaso Frassetto, Thorsten Holz, Patrick Jauernig, A.-R. Sadeghi, and Daniel Teuchert. 2019. NAUTILUS: Fishing for deep bugs with grammars. In Proceedings of the Network and Distributed System Security Symposium (NDSS’19). 1–15.

[4]

Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, and Thorsten Holz. 2019. REDQUEEN: Fuzzing with input-to-state correspondence. In Proceedings of the Network and Distributed System Security Symposium (NDSS’19). 1–15.

[5]

Vaggelis Atlidakis, Roxana Geambasu, Patrice Godefroid, Marina Polishchuk, and Baishakhi Ray. 2020. Pythia: Grammar-based fuzzing of REST APIs with coverage-guided feedback and learning-based mutations. CoRR abs/2005.11498 (2020). arXiv:2005.11498. https://arxiv.org/abs/2005.11498

[6]

Avast 2021. What Is EternalBlue? Retrieved from https://www.avast.com/c-eternalblue

[7]

Fabrice B.2005. QEMU, a fast & portable dynamic translator. In Proceedings of the USENIX Annual Technical Conference (ATC’05). 41–46.

[8]

Jinsheng Ba, Gregory J. Duck, and Abhik Roychoudhury. 2022. Efficient greybox fuzzing to detect memory errors. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE’22). IEEE/ACM, 1–12.

Digital Library

[9]

Roberto Baldoni, Emilio Coppa, Daniele Cono D’elia, Camil Demetrescu, and Irene Finocchi. 2019. A survey of symbolic execution techniques. ACM Comput. Surv. 51, 3 (2019), 1–39.

Digital Library

[10]

Mislav Balunović, Pavol Bielik, and Martin Vechev. 2018. Learning to solve SMT formulas. In Proceedings of the 32\({nd}\) International Conference on Neural Information Processing Systems (NIPS’18). 10338–10349.

[11]

Andrew R. Bernat and Barton P. Miller. 2011. Anywhere, any-time binary instrumentation. In Proceedings of the 10th ACM SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools (PASTE’11). ACM, 9–16.

Digital Library

[12]

Beyond Security 2018. beSTORM Black-box. Retrieved from https://beyondsecurity.com/fuzzer-bestorm-whitepaper-2.html

[13]

Marcel Boehme, Cristian Cadar, and Abhik Roychoudhury. 2021. Fuzzing: Challenges & reflections. IEEE Softw. 38, 3 (2021), 79–86.

[14]

Marcel Bohme, Van-Thuan Pham, Manh-Dung Nguyen, and Abhik Roychoudhury. 2017. Directed greybox fuzzing. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’17). ACM, 2329–2344.

Digital Library

[15]

Luca Borzacchiello, Emilio Coppa, and Camil Demetrescu. 2021. FUZZOLIC: Mixing fuzzing and concolic execution. Comput. Secur. 108, C (Sep 2021), 26 pages.

Digital Library

[16]

Bull SGI, OSD 2022. Linux Test Project. Retrieved from https://linux-test-project.github.io

[17]

Marcel Böhme, Van-Thuan Pham, and Abhik Roychoudhury. 2019. Coverage-based greybox fuzzing as markov chain. IEEE Trans. Softw. Eng. 45, 5 (2019), 489–506.

[18]

Boyuan Chen and Zhen Ming Jiang. 2021. A survey of software log instrumentation. ACM Comput. Surv. 54, 4 (2021), 1–34.

[19]

Cristian Cadar, Daniel Dunbar, and Dawson Engler. 2008. KLEE: Unassisted and automatic generation of high-coverage tests. In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation (OSDI’08). 209–224.

[20]

Cristian Cadar and Koushik Sen. 2013. Symbolic execution for software testing. Commun. ACM 56, 2 (2013), 82–90.

Digital Library

[21]

Chen Cao, Le Guan, Jiang Ming, and Peng Liu. 2020. Device-agnostic firmware execution is possible: A concolic execution approach. In Proceedings of the Annual Computer Security Applications Conference (ACSAC’20). IEEE, 746–759.

[22]

Census Labs 2016. Choronzon: An Evolutionary Knowledge-based Fuzzer. Retrieved from https://github.com/CENSUS/choronzon

[23]

Boyuan Chen, Jian Song, Peng Xu, Xing Hu, and Zhen Ming Jack Jiang. 2018. An automated approach to estimating code coverage measures via execution logs. In Proceedings of the 33rd IEEE/ACM International Conference on Automated Software Engineering (ASE’18). IEEE/ACM, 305–316.

Digital Library

[24]

Hongxu Chen, Yinxing Xue, Yuekang Li, Bihuan Chen, Xiaofei Xie, Xiuheng Wu, and Yang Liu. 2018. Hawkeye: Towards a desired directed grey-box fuzzer. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’18). IEEE, 2095–2108.

Digital Library

[25]

Jiongyi Chen, Wenrui Diao, Qingchuan Zhao, Chaoshun Zuo, Zhiqiang Lin, Xiaofeng Wang, W. Lau, Menghan Sun, Ronghai Yang, and Kehuan Zhang. 2018. IOTFUZZER: Discovering memory corruptions in IoT through App fuzzing. In Proceedings of the Network and Distributed System Security Symposium (NDSS’18). 1–15.

[26]

Peng Chen and Hao Chen. 2018. Angora: Efficient fuzzing by principled search. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’18). IEEE, 711–725.

[27]

Yaohui Chen, Dongliang Mu, Jun Xu, Zhichuang Sun, Wenbo Shen, Xinyu Xing, Long Lu, and Bing Mao. 2019. PTRIX: Efficient hardware-assisted fuzzing for COTS binary. In Proceedings of the ACM Asia Conference on Computer and Communications Security (Asia CCS’19). ACM, 633–645.

Digital Library

[28]

Yongheng Chen, Rui Zhong, Hong Hu, Hangfan Zhang, Yupeng Yang, Dinghao Wu, and Wenke Lee. 2021. One engine to fuzz ’em all: Generic language processor testing with semantic validation. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’21). IEEE, 642–658.

[29]

Vitaly Chipounov, Volodymyr Kuznetsov, and George Candea. 2011. S2E: A platform for in-vivo multi-path analysis of software systems. ACM SIGARCH Comput. Archit. News 39, 1 (2011), 265–278.

Digital Library

[30]

Jaeseung Choi, Joonun Jang, Choongwoo Han, and Sang Kil Cha. 2019. Grey-box concolic testing on binary code. In Proceedings of the 41st IEEE/ACM International Conference on Software Engineering (ICSE’19). IEEE/ACM, 736–747.

Digital Library

[31]

Jaeseung Choi, Kangsu Kim, Daejin Lee, and Sang Kil Cha. 2021. NTFUZZ: Enabling type-aware kernel fuzzing on windows with static binary analysis. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’21). IEEE, 677–693.

[32]

Abraham A. Clements, Eric Gustafson, Tobias Scharnowski, Paul Grosen, David Fritz, Christopher Kruegel, Giovanni Vigna, Saurabh Bagchi, and Mathias Payer. 2020. HALucinator: Firmware re-hosting through abstraction layer emulation. In Proceedings of the 29th USENIX Security Symposium1201–1218.

[33]

ClusterFuzz 2021. ClusterFuzz. Retrieved from https://google.github.io/clusterfuzz/

[34]

Jake Corina, Aravind Machiry, Christopher Salls, Yan Shoshitaishvili, Shuang Hao, Christopher Krügel, and Giovanni Vigna. 2017. DIFUZE: Interface aware fuzzing for kernel drivers. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’17). ACM, 2123–2138.

Digital Library

[35]

Pascal Cuoq, Florent Kirchner, Nikolai Kosmatov, Virgile Prevosto, Julien Signoles, and Boris Yakobowski. 2012. Frama-C. In Proceedings of the Software Engineering and Formal Methods (SEFM’12). Springer, 233–247.

Digital Library

[36]

Brendan Dolan-Gavitt, Patrick Hulin, Engin Kirda, Tim Leek, Andrea Mambretti, Wil Robertson, Frederick Ulrich, and Ryan Whelan. 2016. LAVA: Large-scale automated vulnerability addition. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’16). IEEE, 110–121.

[37]

Dave Aitel 2002. Block-Based Protocol Analysis. Retrieved from https://www.immunitysec.com/downloads/

[38]

Leonardo de Moura and Nikolaj Bjørner. 2008. Z3: An efficient SMT solver. In Proceedings of the Tools and Algorithms for the Construction and Analysis of Systems (TACAS’08). 337–340.

[39]

Leonardo De Moura and Nikolaj Bjørner. 2011. SAT: Introduction & applications. Commun. ACM 54, 9 (2011), 69–77.

Digital Library

[40]

Department of Defense (DoD) 2019. DevSecOps Reference Design. Retrieved from https://dodcio.defense.gov/Portals/0/Documents/

[41]

Sushant Dinesh, Nathan Burow, Dongyan Xu, and Mathias Payer. 2020. RetroWrite: Statically instrumenting COTS binaries for fuzzing and sanitization. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’20). IEEE, 1497–1511.

[42]

Dmitry Vyukov 2021. Randomized Testing for Go. Retrieved from https://github.com/dvyukov/go-fuzz

[43]

Dmitry Vyukov and Andrey Konovalov 2022. Syzkaller. Retrieved from https://github.com/google/syzkaller

[44]

Dmytro Oleksiuk 2011. Ioctl Fuzzer. Retrieved from https://github.com/Cr4sh/ioctlfuzzer/

[45]

Gregory J. Duck, Xiang Gao, and Abhik Roychoudhury. 2020. Binary rewriting without control flow recovery. In Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’20). ACM, 151–163.

Digital Library

[46]

Martin Eberlein, Yannic Noller, Thomas Vogel, and Lars Grunske. 2020. Evolutionary grammar-based fuzzing. In Proceedings of the 12th International Symposium of Search-Based Software Engineering (SSBSE’20). Springer-Verlag, 105–120.

Digital Library

[47]

Eduard Kovacs 2021. Open Source Security Tools. Retrieved from https://google-adobe-announce-new-open-source-security-tools

[48]

Eldar Marcussen 2019. Doona—Network Based Protocol Fuzzer. Retrieved from https://github.com/wireghoul/doona

[49]

James Fell. 2017. A Review of Fuzzing Tools and Methods. Retrieved from https://tinyurl.com/4r6pkuha

[50]

Bo Feng, Alejandro Mera, and Long Lu. 2020. P2IM: Scalable and hardware-independent firmware testing via automatic peripheral interface modeling. In Proceedings of the 29th USENIX Security Symposium, 1237–1254.

[51]

Xiaotao Feng, Ruoxi Sun, Xiaogang Zhu, Minhui Xue, Sheng Wen, Dongxi Liu, Surya Nepal, and Yang Xiang. 2021. Snipuzz: Black-box fuzzing of IoT firmware via message snippet inference. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’21). ACM, 337–350.

Digital Library

[52]

Andrea Fioraldi, Dominik Maier, Heiko Eißfeldt, and Marc Heuse. 2020. AFL++: Combining incremental steps of fuzzing research. In Proceedings of the 14th USENIX Workshop on Offensive Technologies (WOOT’20). 1–12.

[53]

United States Food & Drug Administration. 2018. Efforts to Strengthen the Agency’s Medical Device Cybersecurity Program. Retrieved from https://www.fda.gov/news-events/

[54]

FuzzBall 2021. FuzzBALL Symbolic Engine. Retrieved from https://github.com/bitblaze-fuzzball/fuzzball

[55]

FuzzBallVine 2021. FuzzBALL: Vine-based Binary Symbolic Execution. Retrieved from https://bitblaze.cs.berkeley.edu/fuzzball.html

[56]

Fuzzit 2020. Coverage Guided Fuzz Testing for Java. Retrieved from https://github.com/fuzzitdev/javafuzz

[57]

Fuzzit 2020. Coverage Guided Fuzz Testing for Javascript. Retrieved from https://github.com/fuzzitdev/jsfuzz

[58]

Fuzzit 2020. Coverage Guided Fuzz Testing for Python. Retrieved from https://github.com/fuzzitdev/pythonfuzz

[59]

Shuitao Gan, Chao Zhang, Peng Chen, Bodong Zhao, Xiaojun Qin, Dong Wu, and Zuoning Chen. 2020. GREYONE: Data flow sensitive fuzzing. In Proceedings of the 29th USENIX Security Symposium, 2577–2594.

[60]

Shuitao Gan, Chao Zhang, Xiaojun Qin, Xuwen Tu, Kang Li, Zhongyu Pei, and Zuoning Chen. 2018. CollAFL: Path sensitive fuzzing. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’18). IEEE, 679–696.

[61]

Vijay Ganesh, Tim Leek, and Martin Rinard. 2009. Taint-based directed whitebox fuzzing. In Proceedings of the 31^st International Conference on Software Engineering (ICSE’09). IEEE, 474–484.

Digital Library

[62]

Xiang Gao, Gregory J. Duck, and Abhik Roychoudhury. 2021. Scalable fuzzing of program binaries with E9AFL. In Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering (ASE’21). IEEE/ACM, 1247–1251.

Digital Library

[63]

Patrice Godefroid. 2020. Fuzzing: Hack, art, and science. Commun. ACM 63, 2 (2020), 70–76.

Digital Library

[64]

Patrice Godefroid, Adam Kiezun, and Michael Y. Levin. 2008. Grammar-based whitebox fuzzing. ACM SIGPLAN Not. 43, 6 (2008), 206–215.

Digital Library

[65]

Patrice Godefroid, Michael Y. Levin, and David Molnar. 2012. SAGE: Whitebox fuzzing for security testing: SAGE has had a remarkable impact at microsoft. Queue 10, 1 (2012), 20–27.

Digital Library

[66]

Google 2015. Honggfuzz. Retrieved from https://github.com/google/honggfuzz

[67]

Google 2016. Fuzzing Chrome. Retrieved from https://security.googleblog.com/2016/08/guided-in-process-fuzzing-of-chrome.html

[68]

Google 2021. ClusterFuzzLite. Retrieved from https://security.googleblog.com/2021/11/clusterfuzzlite-continuous-fuzzing-for.html

[69]

Google 2021. Fuzzer-test-suite. Retrieved from https://github.com/google/fuzzer-test-suite

[70]

Google 2022. OSS-fuzz. Retrieved from https://github.com/google/oss-fuzz

[71]

Samuel Groß. 2018. FuzzIL: Coverage Guided Fuzzing for JavaScript Engines. Master’s thesis. Institute of Theoretical Informatics, Competence Center for Applied Security Technology.

[72]

Binfa Gui, Wei Song, Hailong Xiong, and Jeff Huang. 2022. Automated use-after-free detection and exploit mitigation: How far have we gone? IEEE Trans. Softw.Eng. 48, 11 (2022), 4569–4589.

[73]

Tao Guo, Puhan Zhang, Xin Wang, and Qiang Wei. 2013. GramFuzz: Fuzzing testing of web browsers based on grammar analysis and structural mutation. In Proceedings of the International Conference on Informatics Applications. IEEE, 212–215.

[74]

Eric Gustafson, Marius Muench, Chad Spensky, Nilo Redini, Aravind Machiry, Yanick Fratantonio, Davide Balzarotti, Aurélien Francillon, Yung Ryn Choe, Christophe Kruegel, and Giovanni Vigna. 2019. Toward the analysis of embedded firmware through automated re-hosting. In Proceedings of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses (RAID’19). USENIX, 135–150.

[75]

Istvan Haller, Asia Slowinska, Matthias Neugschwandtner, and Herbert Bos. 2013. Dowsing for Overflows: A guided fuzzer to find buffer boundary violations. In Proceedings of the 22nd USENIX Security Symposium, 49–64.

[76]

William H Hawkins, Jason D Hiser, Michele Co, Anh Nguyen-Tuong, and Jack W. Davidson. 2017. Zipr: Efficient static binary rewriting for security. In Proceedings of the 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN’17). IEEE, 559–566.

[77]

Hfiref0x 2021. NtCall64. Retrieved from https://github.com/hfiref0x/NtCall64

[78]

Christian Holler, Kim Herzig, and Andreas Zeller. 2012. Fuzzing with code fragments. In Proceedings of the 21st USENIX Security Symposium, 445–458.

[79]

Zhicheng Hu, Jianqi Shi, YanHong Huang, Jiawen Xiong, and Xiangxing Bu. 2018. GANFuzz: A GAN-based industrial network protocol fuzzing framework. In Proceedings of the 15th ACM International Conference on Computing Frontiers (CF’18). ACM, 138–145.

Digital Library

[80]

Heqing Huang, Yiyuan Guo, Qingkai Shi, Peisen Yao, Rongxin Wu, and Charles Zhang. 2022. BEACON: Directed grey-box fuzzing with provable path pruning. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’22). IEEE, 104–118.

[81]

Heqing Huang, Peisen Yao, Rongxin Wu, Qingkai Shi, and Charles Zhang. 2020. Pangolin: Incremental hybrid fuzzing with polyhedral path abstraction. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’20). IEEE, 1613–1627.

[82]

Intel 2020. Processor Tracing. Retrieved from https://software.intel.com/content/www/us/en/develop/blogs/processor-tracing.html

[83]

J. B. Crawford 2018. A Survey of Some Free Fuzzing Tools. Retrieved from https://lwn.net/Articles/744269/

[84]

James Spadaro and Lilith Wyatt 2017. Mutiny Fuzzing Framework and Decept Proxy. Retrieved from https://blog.talosintelligence.com/

[85]

Dae R. Jeong, Kyungtae Kim, Basavesh Shivakumar, Byoungyoung Lee, and Insik Shin. 2019. Razzer: Finding kernel race bugs through fuzzing. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’19). IEEE, 754–768.

[86]

Jesse Hertz 2017. Triforce Linux Syscall Fuzzer. Retrieved from https://github.com/nccgroup/TriforceLinuxSyscallFuzzer

[87]

Jesse Hertz 2017. TriforceAFL. Retrieved from https://github.com/nccgroup/TriforceAFL

[88]

Jesse Ruderman 2021. jsfunfuzz: Test JS Engine in Firefox. Retrieved from https://github.com/MozillaSecurity/funfuzz/

[89]

Tiantian Ji, Zhongru Wang, Zhihong Tian, Binxing Fang, Qiang Ruan, Haichen Wang, and Wei Shi. 2020. AFLPro: Direction sensitive fuzzing. J. Inf. Secur. Appl. 54 (2020), 1–14.

[90]

Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, and Shi-Min Hu. 2020. Fuzzing error handling code using context-sensitive software fault injection. In Proceedings of the 29th USENIX Security Symposium, 2595–2612.

Digital Library

[91]

Zu-Ming Jiang, Jia-Ju Bai, Kangjie Lu, and Shi-Min Hu. 2022. Context-Sensitive and directional concurrency fuzzing for data-race detection. In Proc. of the Net. & Distr. Sec. Symp. (NDSS). 1–18.

[92]

Wei Jin and Alessandro Orso. 2012. BugRedux: Reproducing field failures for in-house debugging. In Proceedings of the 34th International Conference on Software Engineering (ICSE’12). IEEE, 474–484.

Digital Library

[93]

Evan Johnson, Maxwell Bland, YiFei Zhu, Joshua Mason, Stephen Checkoway, Stefan Savage, and Kirill Levchenko. 2021. Jetset: Targeted firmware rehosting for embedded systems. In Proceedings of the 30th USENIX Security Symposium, 321–338.

[94]

Josh Fruhlinger 2018. The Mirai Botnet Explained. Retrieved from https://www.csoonline.com/article/

[95]

Joshua Pereyda 2017. boofuzz: Network Protocol Fuzzing for Humans. Retrieved from https://boofuzz.readthedocs.io/en/stable/

[96]

Kaspersky 2017. WannaCry. Retrieved from https://www.kaspersky.com/resource-center/threats/ransomware-wannacry

[97]

Kyungtae Kim, Dae R. Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, and Byoungyoung Lee. 2017. HFL: Hybrid fuzzing on the linux kernel. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17). 1–17.

[98]

Stephan Kleber, Henning Kopp, and Frank Kargl. 2018. NEMESYS: Network message syntax reverse engineering by analysis of the intrinsic structure of individual messages. In Proceedings of 12th USENIX Workshop on Offensive Technologies (WOOT’18). 1–13.

[99]

Youngjoo Ko, Bin Zhu, and Jong Kim. 2022. Fuzzing with automatically controlled interleavings to detect concurrency bugs. J. Syst. Softw. 191 (2022), 111379.

Digital Library

[100]

James Kukucka, Luís Pina, Paul Ammann, and Jonathan Bell. 2022. CONFETTI: Amplifying concolic guidance for fuzzers. In Proceedings of the 44th IEEE/ACM International Conference on Software Engineering (ICSE’22). IEEE/ACM, 438–450.

Digital Library

[101]

ZZUF 0.15 (latest). 2017. ZZUF: Multi-purpose Fuzzer. Retrieved February 1, 2022 from https://caca.zoy.org/wiki/zzuf

[102]

C. Lattner and V. Adve. 2004. LLVM: A compilation framework for lifelong program analysis transformation. In Proceedings of the International Symposium on Code Generation and Optimization (CGO’04). IEEE, 75–86.

[103]

Caroline Lemieux and Koushik Sen. 2017. FairFuzz: Targeting rare branches to rapidly increase greybox fuzz testing coverage. CoRR abs/1709.07101 (2017). arXiv:1709.07101. https://arxiv.org/abs/1709.07101

[104]

Jun Li, Bodong Zhao, and Chao Zhang. 2018. Fuzzing: A survey. Cybersecurity 1, 6 (2018), 1–13.

[105]

Wenqiang Li, Jiameng Shi, Fengjun Li, Jingqiang Lin, Wei Wang, and Le Guan. 2022. \(\mu\)AFL: Non-intrusive feedback-driven fuzzing for microcontroller firmware. In Proc. of the 44th International Conference on Software Engineering (ICSE). ACM, 1–12.

[106]

Yuwei Li, Shouling Ji, Chenyang Lyu, Yuan Chen, Jianhai Chen, Qinchen Gu, Chunming Wu, and Raheem Beyah. 2022. V-Fuzz: Vulnerability prediction-assisted evolutionary fuzzing f or binary programs. IEEE Trans. Cybern. 52, 5 (2022), 3745–3756.

[107]

Hongliang Liang, Xiaoxiao Pei, Xiaodong Jia, Wuwei Shen, and Jian Zhang. 2018. Fuzzing: State of the art. IEEE Trans. Reliabil. 67, 3 (2018), 1199–1218.

[108]

Jie Liang, Mingzhe Wang, Chijin Zhou, Zhiyong Wu, Yu Jiang, Jianzhong Liu, Zhe Liu, and Jiaguang Sun. 2022. PATA: Fuzzing with path aware taint analysis. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’22). IEEE, 154–170.

[109]

LibFuzzer 2017. libFuzzer—A Library for Coverage-guided Fuzz Testing. Retrieved from https://llvm.org/docs/LibFuzzer.html

[110]

Xiao Liu, Xiaoting Li, Rupesh P, and Dinghao Wu. 2019. DeepFuzz: Automatic generation of syntax valid c programs for fuzz testing. Proc. AAAI Conf. Artif. Intell. 33, 1 (2019), 1044–1051.

[111]

Yuwei Liu, Yanhao Wang, Purui Su, Yuanping Yu, and Xiangkun Jia. 2021. InstruGuard: Find and fix instrumentation errors for coverage-based greybox fuzzing. In Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering (ASE’21). IEEE/ACM, 568–580.

Digital Library

[112]

Lucas Leong. 2019. Make Static Instrumentation Great Again: High Performance Fuzzing for Windows System. Retrieved from https://msrnd-cdn-stor.azureedge.net/bluehat/bluehatil/2019/

[113]

Chi-Keung Luk, Robert Cohn, Robert Muth, Harish Patil, Artur Klauser, Geoff Lowney, Steven Wallace, Vijay Janapa Reddi, and Kim Hazelwood. 2005. Pin: Building customized program analysis tools with dynamic instrumentation. ACM SIGPLAN Not. 40, 6 (2005), 190–200.

Digital Library

[114]

Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, and Raheem Beyah. 2019. MOPT: Optimized mutation scheduling for fuzzers. In Proceedings of the 28th USENIX Security Symposium, 1949–1966.

[115]

Zheyu Ma, Bodong Zhao, Letu Ren, Zheming Li, Siqi Ma, Xiapu Luo, and Chao Zhang. 2022. PrIntFuzz: Fuzzing linux drivers via automated virtual device simulation. In Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’22). ACM, 404–416.

Digital Library

[116]

Rupak Majumdar and Ru-Gang Xu. 2007. Directed test generation using symbolic grammars. In Proceedings of the 6th ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE’07). ACM, 553–556.

[117]

Valentin J.M. Manès, HyungSeok Han, Choongwoo Han, Sang Kil Cha, Manuel Egele, Edward J. S, and Maverick Woo. 2021. The art, science, and engineering of fuzzing: A survey. IEEE Trans. Softw. Eng. 47, 11 (2021), 2312–2331.

[118]

Paul Dan Marinescu and Cristian Cadar. 2020. KATCH: High-coverage testing of software patches. In Proceedings of the 9th Joint Meeting on Foundations of Software Engineering (ESEC/FSE’20). ACM, 235–245.

[119]

Martin Vuagnoux 2005. Autodafe: An Act of Software Tortur. Retrieved from https://infoscience.epfl.ch/record/140525?ln=en

[120]

Phil McMinn. 2004. Search-based software test data generation: A survey. Softw. Test Verif. Reliabil. 14, 2 (2004), 105–156.

Digital Library

[121]

Alejandro Mera, Bo Feng, Long Lu, and Engin Kirda. 2021. DICE: Automatic emulation of DMA input channels for dynamic firmware analysis. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’21). IEEE, 1938–1954.

[122]

Michał Zalewski. 2013. American Fuzzy Lop (AFL). Retrieved from https://lcamtuf.coredump.cx/afl/

[123]

MIT and Hewlett-Packard. 2009. DynamoRIO. Retrieved from https://dynamorio.org/page_home.html

[124]

Mozilla Security. 2020. Dharma: Context-free Grammar Fuzzer. Retrieved from https://github.com/mozillasecurity/dharma

[125]

Stefan Nagy and Matthew Hicks. 2019. Full-speed fuzzing: Reducing fuzzing overhead through coverage-guided tracing. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’19). IEEE, 787–802.

[126]

Stefan Nagy, Anh Nguyen-Tuong, Jason D. Hiser, Jack W. Davidson, and Matthew Hicks. 2021. Breaking through binaries: Compiler-quality instrumentation for better binary-only fuzzing. In Proceedings of the 30th USENIX Security Symposium1683–1700.

[127]

Stefan Nagy, Anh Nguyen-Tuong, Jason D. Hiser, Jack W. Davidson, and Matthew Hicks. 2021. Same coverage, less bloat: Accelerating binary-only fuzzing with coverage-preserving coverage-guided tracing. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’21). ACM, 351–365.

Digital Library

[128]

Nick Fitzgerald 2022. Cargo-Fuzz for Rust-code. Retrieved from https://rust-fuzz.github.io/book/cargo-fuzz/guide.html

[129]

Zhenyu Ning and Fengwei Zhang. 2017. Ninja: Towards transparent tracing and debugging on ARM. In Proceedings of the 26th USENIX Security Symposium. 33–49.

[130]

Mitchell Olsthoorn, Arie van Deursen, and Annibale Panichella. 2020. Generating highly-structured input data by combining search-based testing and grammar-based fuzzing. In Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering (ASE’20). IEEE/ACM, 1224–1228.

Digital Library

[131]

Rohan Padhye, Caroline Lemieux, and Koushik Sen. 2019. JQF: Coverage-guided property-based testing in Java. In Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’19). ACM, 398–401.

Digital Library

[132]

Rohan Padhye, Caroline Lemieux, Koushik Sen, Mike Papadakis, and Yves Le Traon. 2019. Semantic fuzzing with zest. In Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’19). ACM, 329–340.

Digital Library

[133]

Shankara Pailoor, Andrew Aday, and Suman Jana. 2018. MoonShine: Optimizing OS fuzzer seed selection with trace distillation. In Proceedings of the 27th USENIX Security Symposium, 729–743.

[134]

Jianfeng Pan, Guanglu Yan, and Xiaocao Fan. 2017. Digtool: A virtualization-based framework for detecting kernel vulnerabilities. In Proceedings of the 26th USENIX Security Symposium, 149–165.

[135]

Soyeon Park, Wen Xu, Insu Yun, Daehee Jang, and Taesoo Kim. 2020. Fuzzing javascript engines with aspect-preserving mutation. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’20). IEEE, 1628–1642.

[136]

Patrice Godefroid 2020. Fuzzing and Why It’s an Important Tool for Developers. Retrieved from https://www.microsoft.com/en-us/research/blog/a-brief-introduction-to-fuzzing-and-why-its-an-important-tool-for-developers/

[137]

PEACH. 2014. PEACH Fuzzer. Retrieved from https://gitlab.com/peachtech/peach-fuzzer-community

[138]

Pedram Amini and Aaron Portnoy 2015. Sulley: Fuzzing Framework. Retrieved from https://github.com/OpenRCE/sulley

[139]

Hui Peng and Mathias Payer. 2020. USBFuzz: A framework for fuzzing USB drivers by device emulation. In Proceedings of the 29th USENIX Security Symposium, 2559–2575.

[140]

Hui Peng, Yan Shoshitaishvili, and Mathias Payer. 2018. T-Fuzz: Fuzzing by program transformation. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’18). IEEE, 697–710.

[141]

Van-Thuan Pham, Marcel Böhme, Andrew E. Santosa, Alexandru Răzvan Căciulescu, and Abhik Roychoudhury. 2021. Smart greybox fuzzing. IEEE Trans. Softw. Eng. 47, 9 (2021), 1908–1997.

[142]

Van-Thuan Pham, Manh-Dung Nguyen, Quang-Trung Ta, Toby Murray, and Benjamin I.P. Rubinstein. 2021. Towards systematic and dynamic task allocation for collaborative parallel fuzzing. In Proceedings of the 36th IEEE/ACM International Conference on Automated Software Engineering (ASE’21). IEEE/ACM, 1337–1341.

Digital Library

[143]

Sebastian Poeplau and Aurélien Francillon. 2020. Symbolic execution with SymCC: Don’t interpret, compile! In Proceedings of the 29th USENIX Security Symposium, 181–198.

[144]

Maria F. Prevezianou. 2021. WannaCry as a Creeping Crisis. Springer International Publishing.

[145]

Corina S. Păsăreanu and Neha Rungta. 2010. Symbolic PathFinder: Symbolic execution of Java bytecode. In Proceedings of the IEEE/ACM International Conference on Automated Software Engineering (ASE’10). IEEE/ACM, 179–180.

Digital Library

[146]

Sanjay Rawat, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, and Herbert Bos. 2017. VUzzer: Application-aware evolutionary fuzzing. In Proceedings of the Network and Distributed System Security Symposium (NDSS’17). 1–14.

[147]

David Georg Reichelt, Stefan Kühne, and Wilhelm Hasselbring. 2023. Towards solving the challenge of minimal overhead monitoring. In Proceedings of the ACM/SPEC International Conference on Performance Engg (ICPE’23). ACM, 381–388.

Digital Library

[148]

Gary J. Saavedra, Kathryn N. Rodhouse, Daniel M. Dunlavy, and W. Philip Kegelmeyer. 2019. A review of machine learning applications in fuzzing. CoRR abs/1906.11133 (2019). arXiv:1906.11133. https://arxiv.org/abs/1906.11133

[149]

César Sánchez, Gerardo Schneider, Wolfgang Ahrendt, Ezio Bartocci, Domenico Bianculli, Christian Colombo, Yliès Falcone, Adrian Francalanza, Srdan Krstic, João M. Lourenço, Dejan Nickovic, Gordon J. Pace, José Rufino, Julien Signoles, Dmitriy Traytel, and Alexander Weiss. 2019. A survey of challenges for runtime verification from advanced application domains (beyond software). Formal Methods Syst. Des. 54, 3 (2019).

[150]

Sergej Schumilo, Cornelius Aschermann, Robert Gawlik, Sebastian Schinzel, and Thorsten Holz. 2017. kAFL: Hardware-assisted feedback fuzzing for OS kernels. In Proceedings of the 26th USENIX Security Symposium, 167–182.

[151]

Amanda Schwartz, Daniel Puckett, Ying Meng, and Gregory Gay. 2018. Investigating faults missed by test suites achieving high code coverage. J. Syst. Softw. 144 (2018), 106–120.

Digital Library

[152]

Dongdong She, Kexin Pei, Dave Epstein, Junfeng Yang, Baishakhi Ray, and Suman Jana. 2019. NEUZZ: Efficient fuzzing with neural program smoothing. In Proc. of the IEEE Symp. on Security and Privacy (S&P). IEEE, 803–817.

[153]

Yuheng Shen, Hao Sun, Yu Jiang, Heyuan Shi, Yixiao Yang, and Wanli Chang. 2021. Rtkaller: State-aware task generation for RTOS fuzzing. ACM Trans. Embed. Comput. Syst. 20, 5s (2021), 1–22.

Digital Library

[154]

Prashast Srivastava and Mathias Payer. 2021. Gramatron: Effective grammar-aware fuzzing. In Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’21). ACM, 244–256.

Digital Library

[155]

Nick Stephens, John Grosen, Christopher Salls, Audrey Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting fuzzing through selective symbolic execution. In Proceedings of the Network and Distributed System Security Symposium (NDSS’16). 1–16.

[156]

Hao Sun, Yuheng Shen, Cong Wang, Jianzhong Liu, Yu Jiang, Ting Chen, and Aiguo Cui. 2021. HEALER: Relation learning guided kernel fuzzing. In Proceedings of the ACM SIGOPS 28th Symposium on Operating Systems Principles. ACM, 344–358.

Digital Library

[157]

Synopsys. 2020. The Heartbleed Bug. Retrieved from https://heartbleed.com

[158]

Ari Takanen, Jared Demott, Charles Miller, and Atte Kettunen. 2008. Fuzzing for Software Security Testing and Quality Assurance. Artech.

Digital Library

[159]

Talos-vulndev. 2018. AFL-Dyninst. Retrieved from https://github.com/talos-vulndev/afl-dyninst

[160]

Dries Vanoverberghe, Jonathan de Halleux, Nikolai Tillmann, and Frank Piessens. 2012. State Coverage: Software validation metrics beyond code coverage. In Proceedings of the Theory and Practice of Computer Science (SOFSEM’12). Springer, 542–553.

Digital Library

[161]

David Vitek. 2016. Auditing code for security vulnerabilities with CodeSonar. In Proceedings of the IEEE Cybersecurity Development (SecDev’16). 154–154.

[162]

Daimeng Wang, Zheng Zhang, Hang Zhang, Zhiyun Qian, Srikanth V.K., and Nael Abu-Ghazaleh. 2021. SyzVegas: Beating kernel fuzzing odds with reinforcement learning. In Proceedings of the 30th USENIX Security Symposium2741–2758.

[163]

Junjie Wang, Bihuan Chen, Lei Wei, and Yang Liu. 2017. Skyfire: Data-driven seed generation for fuzzing. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’17). IEEE, 579–594.

[164]

Junjie Wang, Bihuan Chen, Lei Wei, and Yang Liu. 2019. Superion: Grammar-aware greybox fuzzing. In Proceedings of the IEEE/ACM 41st International Conference on Software Engineering (ICSE’19). IEEE/ACM, 724–735.

Digital Library

[165]

Mingzhe Wang, Jie Liang, Chijin Zhou, Yu Jiang, Rui Wang, Chengnian Sun, and Jiaguang Sun. 2021. RIFF: Reduced instruction footprint for coverage-guided fuzzing. In Proceedings of the USENIX Annual Technical Conference (ATC’21). 147–159.

[166]

Pengfei Wang and Xu Zhou. 2020. SoK: The progress, challenges, and perspectives of directed greybox fuzzing. CoRR abs/2005.11907 (2020). https://arxiv.org/abs/2005.11907

[167]

Tielei Wang, Tao Wei, Guofei Gu, and Wei Zou. 2010. TaintScope: A checksum-aware directed fuzzing tool for software vulnerability detection. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’10). IEEE, 497–512.

Digital Library

[168]

Yan Wang, Peng Jia, Luping Liu, Cheng Huang, and Zhonglin Liu. 2020. A systematic review of fuzzing based on machine learning techniques. PLOS ONE 15, 8 (2020), 1–37.

[169]

Yanhao Wang, Xiangkun Jia, Yuwei Liu, Kyle Zeng, Tiffany Bao, Dinghao Wu, and Purui Su. 2020. not all coverage measurements are equal: Fuzzing by coverage accounting for input prioritization. In Proceedings of the Network and Distributed System Security Symposium (NDSS’20). 1–15.

[170]

Cheng Wen, Haijun Wang, Yuekang Li, Shengchao Qin, Yang Liu, Zhiwu Xu, Hongxu Chen, Xiaofei Xie, Geguang Pu, and Ting Liu. 2020. MemLock: Memory usage guided fuzzing. In Proceedings of the 42nd International Conference on Software Engineering (ICSE’20). IEEE/ACM, 765–777.

Digital Library

[171]

Michael W. Whalen, Suzette Person, Neha Rungta, Matt Staats, and Daniela Grijincu. 2015. A flexible and non-intrusive approach for computing complex structural coverage metrics. In Proceedings of the IEEE/ACM 37th IEEE International Conference on Software Engineering (ICSE’15). IEEE/ACM, 506–516.

[172]

Matt Windsor, Alastair F. Donaldson, and John Wickerson. 2021. C4: The C compiler concurrency checker. In Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA’21). ACM, 670–673.

Digital Library

[173]

Xie Xiaofei and Li Xiaohong. 2019. Hybrid testing method based on symbolic execution and fuzzing. J. Softw. 30, 10 (2019), 3071–3089.

[174]

Meng Xu, Sanidhya Kashyap, Hanqing Zhao, and Taesoo Kim. 2020. Krace: Data race fuzzing for kernel file systems. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’20). IEEE, 1643–1660.

[175]

Xuejun Yang, Yang Chen, Eric Eide, and John Regehr. 2011. Finding and understanding bugs in C compilers. ACM SIGPLAN Not. 46, 6 (2011), 283–294.

Digital Library

[176]

Yoav Alon and Netanel Ben-Simon 2018. Fuzzing Adobe Reader. Retrieved from https://research.checkpoint.com/2018/

[177]

Insu Yun, Sangho Lee, Meng Xu, Yeongjin Jang, and Taesoo Kim. 2018. QSYM : A practical concolic execution engine tailored for hybrid fuzzing. In Proceedings of the 27th USENIX Security Symposium, 745–761.

[178]

Jonas Zaddach, Luca Bruno, Davide Balzarotti, and Aurelien Francillon. 2014. Avatar: A framework to support dynamic security analysis of embedded systems’ firmwares. In Proceedings of the Network and Distributed System Security Symposium (NDSS’14). 1–16.

[179]

Gen Zhang, Xu Zhou, Yingqi Luo, Xugang Wu, and Erxue Min. 2018. PTfuzz: Guided fuzzing with processor trace feedback. IEEE Access 6 (2018), 37302–37313.

[180]

Tao Zhang, Yu Jiang, Runsheng Guo, Xiaoran Zheng, and Hui Lu. 2020. A survey of hybrid fuzzing based on symbolic execution. In Proceedings of the International Conference on Cyberspace Innovation of Advanced Technologies (CIAT’20). ACM, 192–196.

Digital Library

[181]

Yan Zhang, Junwen Zhang, Dalin Zhang, and Yongmin Mu. 2018. Survey of directed fuzzy technology. In Proceedings of the IEEE 9th International Conference on Software Engineering and Service Science (ICSESS’18). IEEE, 696–699.

[182]

Zhuo Zhang, Wei You, Guanhong Tao, Yousra Aafer, Xuwei Liu, and Xiangyu Zhang. 2021. StochFuzz: Sound and cost-effective fuzzing of stripped binaries by incremental and stochastic rewriting. In Proceedings of the IEEE Symposium on Security and Privacy (S&P’21). IEEE, 659–677.

[183]

Bodong Zhao, Zheming Li, Shisong Qin, Zheyu Ma, Ming Yuan, Wenyu Zhu, Zhihong Tian, and Chao Zhang. 2022. StateFuzz: System call-based state-aware linux driver fuzzing. In Proceedings of the 31st USENIX Security Symposium, 3273–3289.

[184]

Rui Zhong, Yongheng Chen, Hong Hu, Hangfan Zhang, Wenke Lee, and Dinghao Wu. 2020. SQUIRREL: Testing database management systems with language validity and coverage feedback. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS’20). ACM, 955–970.

Digital Library

[185]

Wei Zhou, Le Guan, Peng Liu, and Yuqing Zhang. 2021. Automatic firmware emulation through invalidity-guided knowledge inference. In Proceedings of the 30th USENIX Security Symposium, 2007–2024.

[186]

Xu Zhou, Pengfei Wang, Chenyifan Liu, Tai Yue, Yingying Liu, Congxi Song, Kai Lu, Qidi Yin, and Xu Han. 2023. UltraFuzz: Towards resource-saving in distributed fuzzing. IEEE Trans. Softw. Eng. 49, 4 (2023), 2394–2412.

Digital Library

[187]

Shunkai Zhu, Jingyi Wang, Jun Sun, Jie Yang, Xingwei Lin, Liyi Zhang, and Peng Cheng. 2021. Better pay attention whilst fuzzing. CoRR abs/2112.07143 (2021). arXiv:2112.07143. https://arxiv.org/abs/2112.07143

[188]

Xiaogang Zhu, Sheng Wen, Seyit Camtepe, and Yang Xiang. 2022. Fuzzing: A survey for roadmap. ACM Comput. Surv. 54, 11 (2022), 1–36.

Digital Library

[189]

Xiaochen Zou, Guoren Li, Weiteng Chen, Hang Zhang, and Zhiyun Qian. 2022. SyzScope: Revealing high-risk security impacts of fuzzer-exposed bugs in linux kernel. In Proceedings of the 31st USENIX Security Symposium, 3201–3217.

Cited By

Hölk KMazurczyk WZuppelli MCaviglione L(2024)Investigating HTTP Covert Channels Through Fuzz TestingProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664493(1-9)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664493
Wang JQian PHuang XYing XChen YJi SChen JXie JLiu LChristakis MPradel M(2024)Tacoma: Enhanced Browser Fuzzing with Fine-Grained Semantic AlignmentProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680351(1174-1185)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680351
Kim TChoi JIm SHeo KCha S(2024)Evaluating Directed Fuzzers: Are We Heading in the Right Direction?Proceedings of the ACM on Software Engineering10.1145/36437411:FSE(316-337)Online publication date: 12-Jul-2024
https://doi.org/10.1145/3643741
Show More Cited By

Index Terms

Demystify the Fuzzing Methods: A Comprehensive Survey
1. Security and privacy
  1. Software and application security
    1. Software reverse engineering
    2. Software security engineering
  2. Systems security
    1. Distributed systems security
    2. Information flow control
2. Software and its engineering
  1. Software notations and tools
    1. Compilers
      1. Parsers
    2. General programming languages
      1. Language types
        Distributed programming languages

Recommendations

Random Testing and Evolutionary Testing for Fuzzing GraphQL APIs
The Graph Query Language (GraphQL) is a powerful language for application programming interface (API) manipulation in web services. It has been recently introduced as an alternative solution for addressing the limitations of RESTful APIs. This article ...
Fuzzing for CPS Mutation Testing
ASE '23: Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering

Mutation testing can help reduce the risks of releasing faulty software. For such reason, it is a desired practice for the development of embedded software running in safety-critical cyber-physical systems (CPS). Unfortunately, state-of-the-art test data ...
A Model-Based Behavioral Fuzzing Approach for Network Service
IMCCC '13: Proceedings of the 2013 Third International Conference on Instrumentation, Measurement, Computer, Communication and Control

Network services face various security challenges such as targeted attacks exploiting security vulnerabilities. Fuzz testing plays an important role in security testing of network service. However, current fuzzing approaches focus on protocol syntax and ...

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 56, Issue 3

March 2024

977 pages

EISSN:1557-7341

DOI:10.1145/3613568

Editor:
Albert Zomaya
University of Sydney, Australia

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 October 2023

Online AM: 09 September 2023

Accepted: 21 August 2023

Revised: 11 August 2023

Received: 24 August 2022

Published in CSUR Volume 56, Issue 3

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Survey

Funding Sources

National Science and Technology Council of the Republic of China

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

11
Total Citations
View Citations
2,833
Total Downloads

Downloads (Last 12 months)2,253
Downloads (Last 6 weeks)260

Reflects downloads up to 24 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hölk KMazurczyk WZuppelli MCaviglione L(2024)Investigating HTTP Covert Channels Through Fuzz TestingProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664493(1-9)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664493
Wang JQian PHuang XYing XChen YJi SChen JXie JLiu LChristakis MPradel M(2024)Tacoma: Enhanced Browser Fuzzing with Fine-Grained Semantic AlignmentProceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3650212.3680351(1174-1185)Online publication date: 11-Sep-2024
https://dl.acm.org/doi/10.1145/3650212.3680351
Kim TChoi JIm SHeo KCha S(2024)Evaluating Directed Fuzzers: Are We Heading in the Right Direction?Proceedings of the ACM on Software Engineering10.1145/36437411:FSE(316-337)Online publication date: 12-Jul-2024
https://doi.org/10.1145/3643741
Chaudhary PKrishna NMaiti RVilela JSchulmann HLi N(2024)IoTFuzzSentry: Hunting Bugs In The IoT Wilderness In Operational Phase Using Payload FuzzingProceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy10.1145/3626232.3658642(171-173)Online publication date: 19-Jun-2024
https://dl.acm.org/doi/10.1145/3626232.3658642
Ma ZWu ZWei Q(2024)CWEInject: build fuzzer benchmark through bug templatesThird International Conference on Electronic Information Engineering and Data Processing (EIEDP 2024)10.1117/12.3032933(122)Online publication date: 5-Jul-2024
https://doi.org/10.1117/12.3032933
Xu JWang JMa YLi LJia C(2024)RumFuzz: Coverage-guided Greybox Fuzzing with Reasonable Use of Memory2024 IEEE 24th International Conference on Software Quality, Reliability and Security (QRS)10.1109/QRS62785.2024.00059(526-535)Online publication date: 1-Jul-2024
https://doi.org/10.1109/QRS62785.2024.00059
Hakim SAdil MBatalla JMavromoustakis CSong H(2024)Exploring the Frontiers of Firmware Fuzzing: μAFL’s Application on Cortex M4 and Unix Programs2024 International Wireless Communications and Mobile Computing (IWCMC)10.1109/IWCMC61514.2024.10592348(1141-1148)Online publication date: 27-May-2024
https://doi.org/10.1109/IWCMC61514.2024.10592348
Braunisch NRistin MOtto BSchanely Pvan de Venn HWollschlaeger MKleinert T(2024)Automatic Fuzzing of Asset Administration Shells as Digital Twins for Industry 4.02024 IEEE 20th International Conference on Automation Science and Engineering (CASE)10.1109/CASE59546.2024.10711585(3525-3530)Online publication date: 28-Aug-2024
https://doi.org/10.1109/CASE59546.2024.10711585
Pham VThi Thu Hien DPhuc Chuong NThanh Thai PThe Duy P(2024)A Coverage-Guided Fuzzing Method for Automatic Software Vulnerability Detection Using Reinforcement Learning-Enabled Multi-Level Input MutationIEEE Access10.1109/ACCESS.2024.342198912(129064-129080)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3421989
Shen YZhang HShao SZhang Z(2024)LPBFuzz: Binary program fuzzing with enhanced coverage of low-frequency program branchesJournal of Physics: Conference Series10.1088/1742-6596/2858/1/0120292858:1(012029)Online publication date: 1-Oct-2024
https://doi.org/10.1088/1742-6596/2858/1/012029
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

Media

Figures

Other

Tables

View full text|Download PDF

View Issue’s Table of Contents