2022
DOI: 10.1145/3512345

Fuzzing: A Survey for Roadmap

Abstract: Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It generates a large number of test cases and monitors the executions for defects. Fuzzing has detected thousands of bugs and vulnerabilities in various applications. Although effective, there lacks systematic analysis of gaps faced by fuzzing. As a technique of defect detection, fuzzing is required to narrow down the gaps between the entire input space and the defect space. Without limitation on the generated inputs, the…

Citations: cited by 133 publications (39 citation statements)
References: 166 publications (309 reference statements)
“…Seeds submission is fundamental in developing fuzzers since it heavily impacts fuzzing efficiency [14]. To this end, we estimate how IRIS is efficient in reaching VM states compared to the real guest VM execution.…”
Section: Efficiency
Citation type: mentioning
confidence: 99%
“…In the literature, the problem is being tackled by fuzz testing, which has proven to be very effective for security isolation assessment since it can reveal new vulnerabilities and bugs in complex software systems, including hypervisors [14]. The common fuzzing loop for hypervisors is implemented by i) submitting a sequence of VM operations (or reverting a VM snapshot), to bring the VM into a given state (and its corresponding hypervisor state) and then ii) submitting fuzzing input (the corrupted seed) to the hypervisor from the reached VM state.…”
Section: Introduction
Citation type: mentioning
confidence: 99%
“…Fuzz testing generates numerous test cases to test target programs repeatedly and monitors the program. Generally, fuzz testing has a queue of seeds, which are the interesting inputs, and new inputs are generated via mutating seeds in an infinite loop [1]. All software consists of blocks and branches from a code coverage perspective.…”
Section: Introduction
Citation type: mentioning
confidence: 99%
“…With the popularity of Internet of Things (IoT) [1] and blockchain [2,3], more and more users' data are stored on cloud servers, which raises concerns about privacy [4‐6]. If a user encrypts data before storing it in the cloud, the privacy problem can be solved [7,8].…”
Section: Introduction
Citation type: mentioning
confidence: 99%