2019 IEEE/ACM 27th International Conference on Program Comprehension (ICPC) 2019
DOI: 10.1109/icpc.2019.00044

Sequence Coverage Directed Greybox Fuzzing

Cited by 32 publications (34 citation statements)
References 19 publications
“…Modern approaches to fuzzing aim to perform specific tasks that are challenging for automatic test generation methods. Some examples are the work of Liang et al [54] applying directed greybox fuzz to cover different sequences of programs, Nilizadeh et al who apply differential fuzzing for side-channel analysis [55], Cerebro [56] that fuzzes the program's context to detect vulnerabilities, ContractFuzzer [57] that detects vulnerabilities on smart contracts or DeepHunter [58] and SeqFuzzer [59] that fuzz deep learning algorithms.…”
Section: Automated Test Generation and Fuzzers (mentioning)
confidence: 99%
“…Directed fuzzers allow to redirect test execution to avoid repeating paths and cover all the codes, if necessary [15]. Most directed fuzzers are usually white-box fuzzers based on the symbolic execution and oriented to generate test inputs [69]. Dowser is an example of the directed fuzzer [70].…”
Section: A Fuzzing Taxonomy (mentioning)
confidence: 99%
“…Coverage-based Greybox Fuzzing (CGF), such as AFL [1] and LIBFUZZER [14], leverages code coverage information in order to guide input generation toward new parts of the program under test (PUT), exploring as many program states as possible in the hope of triggering crashes. On the other hand, Directed Greybox Fuzzing (DGF) [25,28] aims to perform stress testing on pre-selected potentially vulnerable target locations, with applications to different security contexts: (1) bug reproduction [25,28,42,61], (2) patch testing [25,51,59] or (3) static analysis report verification [31,49]. Depending on the application, target locations are originated from bug stack traces, patches or static analysis reports.…”
Section: Introduction (mentioning)
confidence: 99%