Fuzzing: a survey

Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements i...

Bibliographic details
Published in: Cybersecurity (Singapore) Volume 1; Issue 1; pp. 1 - 13
Main authors: Li, Jun, Zhao, Bodong, Zhang, Chao
Format: Journal Article
Language: English
Published: Singapore Springer Singapore 05.06.2018
Springer Nature B.V
SpringerOpen
ISSN: 2523-3246, 2523-3246
Abstract Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements in vulnerability discovery. This paper presents a summary of the recent advances, analyzes how they improve the fuzzing process, and sheds light on future work in fuzzing. Firstly, we discuss the reason why fuzzing is popular, by comparing different commonly used vulnerability discovery techniques. Then we present an overview of fuzzing solutions, and discuss in detail one of the most popular types of fuzzing, i.e., coverage-based fuzzing. Then we present other techniques that could make the fuzzing process smarter and more efficient. Finally, we show some applications of fuzzing, and discuss new trends of fuzzing and potential future directions.
ArticleNumber 6
Author Li, Jun
Zhang, Chao
Zhao, Bodong
Author_xml – sequence: 1
  givenname: Jun
  surname: Li
  fullname: Li, Jun
  organization: Tsinghua University
– sequence: 2
  givenname: Bodong
  surname: Zhao
  fullname: Zhao, Bodong
  organization: Tsinghua University
– sequence: 3
  givenname: Chao
  surname: Zhang
  fullname: Zhang, Chao
  email: chaoz@tsinghua.edu.cn
  organization: Tsinghua University
ContentType Journal Article
Copyright The Author(s) 2018
The Author(s) 2018. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
DOI 10.1186/s42400-018-0002-y
Discipline Computer Science
EISSN 2523-3246
EndPage 13
ISICitedReferencesCount 179
ISSN 2523-3246
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 1
Keywords Fuzzing
Vulnerability discovery
Coverage-based fuzzing
Software security
Language English
OpenAccessLink https://www.proquest.com/publiccontent/docview/2430231392?pq-origsite=%requestingapplication%
PageCount 13
PublicationCentury 2000
PublicationDate 20180605
PublicationDateYYYYMMDD 2018-06-05
PublicationDecade 2010
PublicationPlace Singapore
PublicationTitle Cybersecurity (Singapore)
PublicationTitleAbbrev Cybersecur
PublicationYear 2018
Publisher Springer Singapore
Springer Nature B.V
SpringerOpen
StartPage 1
SubjectTerms Computer Science
Coverage-based fuzzing
Cybersecurity
Fuzzing
Software security
Survey
System Security
Vulnerability discovery
Title Fuzzing: a survey
URI https://link.springer.com/article/10.1186/s42400-018-0002-y
https://www.proquest.com/docview/2430231392
https://doaj.org/article/60cb73d262194978b3fbf3f9a3b6c871
Volume 1