The sole purpose of this repository is to help me organize recent academic papers related to fuzzing, binary analysis, IoT security, and general exploitation. This is a non-exhaustive list, even though I'll try to keep it updated. Feel free to suggest decent papers via a PR.
- 2023 - Dissecting American Fuzzy Lop: A FuzzBench Evaluation ✓
- Tags: AFL, collisions, hitcounts, timeout, novelty search, corpus culling, score calculation, corpus scheduling, splicing
- 2022 - DARWIN: Survival of the Fittest Fuzzing Mutators ✓
- Tags: mutation scheduling, evolution strategy, AFL, AFL-MOpT, fuzzbench, magma, ecofuzz
- 2022 - Removing Uninteresting Bytes in Software Fuzzing ✓
- Tags: seed optimization, seed minimization, diar, coverage-guided
- 2021 - An Empirical Study of OSS-Fuzz Bugs ✓
- Tags: flaky bugs, clusterfuzz, sanitizer, bug detection, bug classification, time-to-fix, time-to-detect
- 2020 - Corpus Distillation for Effective Fuzzing ✓
- Tags: corpus minimization, afl-cmin, google fuzzer test suite, FTS, minset, AFL
- 2020 - Symbolic execution with SymCC: Don't interpret, compile! ✓
- Tags: KLEE, QSYM, LLVM, C, C++, compiler, symbolic execution, concolic execution, source code level, IR, angr, Z3, DARPA corpus, AFL
- 2020 - WEIZZ: Automatic Grey-Box Fuzzing for Structured Binary Formats ✓
- Tags: REDQUEEN, chunk-based formats, AFLSmart, I2S, checksums, magic bytes, QEMU, Eclipser, short fuzzing runs
- 2020 - Efficient Binary-Level Coverage Analysis ✓
- Tags: bcov, detour + trampoline, basic block coverage, sliced microexecution, superblocks, strongly connected components, dominator graph, BAP, angr, IDA, DynamoRIO, Intel PIN
- 2020 - Test-Case Reduction via Test-Case Generation: Insights From the Hypothesis Reducer ✓
- Tags: test case reducer, property based testing, CSmith, test case generation, hierarchical delta debugging
- 2020 - AFL++: Combining Incremental Steps of Fuzzing Research ✗
- Tags: AFL++, AFL, MOpt, LAF-Intel, Fuzzbench, Ngram, RedQueen, Unicorn, QBDI, CmpLog, AFLFast
- 2020 - FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware ✓
- Tags: Ghidra, static analysis, sound disassembly, base address finder, BLE, vulnerability discovery
- 2020 - P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling ✓
- Tags: HALucinator, emulation, firmware, QEMU, AFL, requires source, MCU, peripheral abstraction
- 2020 - What Exactly Determines the Type? Inferring Types with Context ✓
- Tags: context assisted type inference, stripped binaries, variable and type reconstruction, IDA Pro, Word2Vec, CNN
- 2020 - Causal Testing: Understanding Defects’ Root Causes ✓
- Tags: Defects4J, causal relationships, Eclipse plugin, unit test mutation, program trace diffing, static value diffing, user study
- 2020 - AURORA: Statistical Crash Analysis for Automated Root Cause Explanation ⚠
- Tags: RCA, program traces, input diversification, Intel PIN, Rust, CFG
- 2020 - ParmeSan: Sanitizer-guided Greybox Fuzzing ✓
- Tags: interprocedural CFG, data flow analysis, directed fuzzing (DGF), disregarding 'hot paths', LAVA-M based primitives, LLVM, Angora, AFLGo, ASAP, sanitizer dependent
- 2020 - Magma: A Ground-Truth Fuzzing Benchmark ✓
- Tags: best practices, fuzzer benchmarking, ground truth, Lava-M
- 2020 - Fitness Guided Vulnerability Detection with Greybox Fuzzing ✓
- Tags: AFL, vuln specific fitness metric (headroom), buffer/integer overflow detection, AFLGo, pointer analysis, CIL, bad benchmarking
- 2020 - GREYONE: Data Flow Sensitive Fuzzing ✓
- Tags: data-flow fuzzing, taint-guided mutation, input prioritization, constraint conformance, REDQUEEN, good evaluation, VUzzer
- 2020 - FairFuzz-TC: a fuzzer targeting rare branches ✓
- Tags: AFL, required seeding, branch mask
- 2020 - TOFU: Target-Oriented FUzzer ✓
- Tags: DGF, structured mutations, staged fuzzing/learning of cli args, target fitness, structure aware, Dijkstra for priority, AFLGo, Superion
- 2020 - FuZZan: Efficient Sanitizer Metadata Design for Fuzzing ✓
- Tags: sanitizer metadata, optimization, ASAN, MSan, AFL
- 2020 - Boosting Fuzzer Efficiency: An Information Theoretic Perspective ✓
- Tags: Shannon entropy, seed power schedule, libfuzzer, active SLAM, DGF, fuzzer efficiency
- 2020 - Learning Input Tokens for Effective Fuzzing ✓
- Tags: dynamic taint tracking, parser checks, magic bytes, creation of dict inputs for fuzzers
- 2020 - A Review of Memory Errors Exploitation in x86-64 ✓
- Tags: NX, canaries, ASLR, new mitigations, mitigation evaluation, recap on memory issues
- 2020 - SoK: The Progress, Challenges, and Perspectives of Directed Greybox Fuzzing ✓
- Tags: SoK, directed grey box fuzzing, AFL, AFL mutation operators, DGF vs CGF
- 2020 - MemLock: Memory Usage Guided Fuzzing ✓
- Tags: memory consumption, AFL, memory leak, uncontrolled-recursion, uncontrolled-memory-allocation, static analysis
- 2019 - Matryoshka: Fuzzing Deeply Nested Branches ✓
- Tags: AFL, QSYM, Angora, path constraints, nested conditionals, (post) dominator trees, gradient descent, REDQUEEN, LAVA-M
- 2019 - Building Fast Fuzzers ✓
- Tags: grammar based fuzzing, optimization, bold claims, comparison to badly/non-optimized fuzzers, python, lots of micro-optimizations, nice logging of failures, bad ASM optimization
- 2019 - Not All Bugs Are the Same: Understanding, Characterizing, and Classifying the Root Cause of Bugs ✓
- Tags: RCA via bug reports, classification model, F score
- 2019 - AntiFuzz: Impeding Fuzzing Audits of Binary Executables ✓
- Tags: anti fuzzing, prevent crashes, delay executions, obscure coverage information, overload symbolic execution
- 2019 - MOpt: Optimized Mutation Scheduling for Fuzzers ✓
- Tags: mutation scheduling, particle swarm optimization (PSO), AFL, AFL mutation operators, VUzzer
- 2019 - FuzzFactory: Domain-Specific Fuzzing with Waypoints ✓
- Tags: domain-specific fuzzing, AFL, LLVM, solve hard constraints like cmp, find dynamic memory allocations, binary-based
- 2019 - Fuzzing File Systems via Two-Dimensional Input Space Exploration ✓
- Tags: Ubuntu, file systems, library OS, ext4, btrfs, meta block mutations, edge cases
- 2019 - REDQUEEN: Fuzzing with Input-to-State Correspondence ⚠
- Tags: feedback-driven, AFL, magic-bytes, nested constraints, input-to-state correspondence, I2S
- 2019 - PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary ✓
- Tags: kernel, android, userland, embedded, hardware, Linux, device driver, WiFi
- 2019 - FirmFuzz: Automated IoT Firmware Introspection and Analysis ✓
- Tags: emulation, firmadyne, BOF, XSS, CI, NPD, semi-automatic
- 2019 - Firm-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation ✓
- Tags: emulation, qemu, afl, full vs user mode, syscall redirect, "augmented process emulation", firmadyne
- 2018 - A Survey of Automated Root Cause Analysis of Software Vulnerability ✓
- Tags: Exploit mitigations, fuzzing basics, symbolic execution basics, fault localization, high level
- 2018 - PhASAR: An Inter-procedural Static Analysis Framework for C/C++ ✓
- Tags: LLVM, (inter-procedural) data-flow analysis, call-graph, points-to, class hierarchy, CFG, IR
- 2018 - INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing ✓
- Tags: LLVM, instrumentation optimization, graph algorithms, selective instrumentation, coverage calculation
- 2018 - What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices ✓
- Tags: embedded, challenges, heuristics, emulation, crash classification, fault detection
- 2018 - Evaluating Fuzz Testing ✓
- Tags: fuzzing evaluation, good practices, bad practices
- 2017 - Root Cause Analysis of Software Bugs using Machine Learning Techniques ✓
- Tags: ML, RC prediction for filed bug reports, unsupervised + supervised combination, RC categorisation, F score
- 2017 - kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels ✓
- Tags: Intel PT, kernel, AFL, file systems, Windows, NTFS, Linux, ext, macOS, APFS, driver, feedback-driven
- 2016 - Driller: Augmenting Fuzzing Through Selective Symbolic Execution ✓
- Tags: DARPA, CGC, concolic execution, hybrid fuzzer, binary based
- 2015 - Challenges with Applying Vulnerability Prediction Models ✓
- Tags: VPM vs DPM, prediction models on large scale systems, files with frequent changes leave more vulns, older code exhibits more vulns
- 2014 - Optimizing Seed Selection for Fuzzing ✓
- Tags: BFF, (weighted) minset, peach, cover set problem, seed transferability, time minset, size minset, round robin
- 2013 - Automatic Recovery of Root Causes from Bug-Fixing Changes ✓
- Tags: ML + SCA, F score, AST, PPA, source tree analysis
Unread papers categorized by a common main theme.
- 2025 - Invivo Fuzzing by Amplifying Actual Executions ✓
- 2025 - QMSan: Efficiently Detecting Uninitialized Memory Errors During Fuzzing ✓
- 2024 - Logos: Log Guided Fuzzing for Protocol Implementations ✓
- 2024 - DDGF: Dynamic Directed Greybox Fuzzing with Path Profiling ✓
- 2024 - Sleuth: A Switchable Dual-Mode Fuzzer to Investigate Bug Impacts Following a Single PoC ✓
- 2024 - Tumbling Down the Rabbit Hole: How do Assisting Exploration Strategies Facilitate Grey-box Fuzzing? ✓
- 2024 - Modularizing Directed Greybox Fuzzing for Binaries over Multiple CPU Architectures ✓
- 2024 - LOOL: Low-Overhead, Optimization-Log-Guided Compiler Fuzzing ✓
- 2024 - Visualization Task Taxonomy to Understand the Fuzzing Internals ✓
- 2024 - Directed or Undirected: Investigating Fuzzing Strategies in a CI/CD Setup ✓
- 2024 - ZigZagFuzz: Interleaved Fuzzing of Program Options and Files ✓
- 2024 - Tango: Extracting Higher-Order Feedback through State Inference ✓
- 2024 - Directed Fuzzing Based on Bottleneck Detection ✓
- 2024 - Look Ma, No Input Samples! Mining Input Grammars from Code with Symbolic Parsing ✓
- 2024 - HuntFUZZ: Enhancing Error Handling Testing through Clustering Based Fuzzing ✓
- 2024 - AIMFuzz: Automated Function-Level In-Memory Fuzzing on Binaries ✓
- 2024 - Data Coverage for Guided Fuzzing ✓
- 2024 - Fuzzing at Scale: The Untold Story of the Scheduler ✓
- 2024 - FOX: Coverage-guided Fuzzing as Online Stochastic Control ✓
- 2024 - Fuzzing-based grammar learning from a minimal set of seed inputs ✓
- 2024 - LinFuzz: Program-Sensitive Seed Scheduling Greybox Fuzzing Based on LinUCB Algorithm ✓
- 2024 - Graphuzz: Data-driven Seed Scheduling for Coverage-guided Greybox Fuzzing ✓
- 2024 - Towards Tightly-coupled Hybrid Fuzzing via Excavating Input Specifications ✓
- 2024 - BazzAFL: Moving Fuzzing Campaigns Towards Bugs Via Grouping Bug-Oriented Seeds ✓
- 2024 - DeepGo: Predictive Directed Greybox Fuzzing ✓
- 2024 - LibAFL QEMU: A Library for Fuzzing-oriented Emulation ✓
- 2023 - NestFuzz: Enhancing Fuzzing with Comprehensive Understanding of Input Processing Logic ✓
- 2023 - DSFuzz: Detecting Deep State Bugs with Dependent State Exploration ✓
- 2023 - FA-Fuzz: A Novel Scheduling Scheme Using Firefly Algorithm for Mutation-Based Fuzzing ✓
- 2023 - Make out like a (Multi-Armed) Bandit: Improving the Odds of Fuzzer Seed Scheduling with T-Scheduler ✓
- 2023 - SYNTONY: Potential-Aware Fuzzing with Particle Swarm Optimization ✓
- 2023 - Triereme: Speeding up hybrid fuzzing through efficient query scheduling ✓
- 2023 - Hybrid Testing: Combining Static Analysis and Directed Fuzzing ✓
- 2023 - Titan: Efficient Multi-target Directed Greybox Fuzzing ✓
- 2023 - SpecFuzzer: A Tool for Inferring Class Specifications via Grammar-based Fuzzing ✓
- 2023 - Hopper: Interpretative Fuzzing for Libraries ✓
- 2023 - Enhancing Coverage-Guided Fuzzing via Phantom Program ✓
- 2023 - Hyperfuzzing: black-box security hypertesting with a grey-box fuzzer ✓
- 2023 - SHAPFUZZ: Efficient Fuzzing via Shapley-Guided Byte Selection ✓
- 2023 - PSOFuzz: Fuzzing Processors with Particle Swarm Optimization ✓
- 2023 - SymRustC: A Hybrid Fuzzer for Rust ✓
- 2023 - Finch: Fuzzing with Quantitative and Adaptive Hot-Bytes Identification ✓
- 2023 - HyperGo: Probability-based Directed Hybrid Fuzzing ✓
- 2023 - CrabSandwich: Fuzzing Rust with Rust ✓
- 2023 - InFuzz: An Interactive Tool for Enhancing Efficiency in Fuzzing through Visual Bottleneck Analysis ✓
- 2023 - Rare Path Guided Fuzzing ✓
- 2023 - Guiding Greybox Fuzzing with Mutation Testing ✓
- 2023 - FGo: A Directed Grey-box Fuzzer with Probabilistic Exponential cut-the-loss Strategies ✓
- 2023 - FISHFUZZ: Catch Deeper Bugs by Throwing Larger Nets ✓
- 2023 - PosFuzz: augmenting greybox fuzzing with effective position distribution ✓
- 2023 - Bottleneck Analysis via Grammar-based Performance Fuzzing ✓
- 2023 - What Happens When We Fuzz? Investigating OSS-Fuzz Bug History ✓
- 2023 - Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities ✓
- 2023 - Large Language Models are Edge-Case Fuzzers: Testing Deep Learning Libraries via FuzzGPT ✓
- 2023 - SBFT Tool Competition 2023 - Fuzzing Track ✓
- 2023 - CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing ✓
- 2023 - Learning Seed-Adaptive Mutation Strategies for Greybox Fuzzing ✓
- 2023 - Directed Greybox Fuzzing with Stepwise Constraint Focusing ✓
- 2023 - Generation-based fuzzing? Don’t build a new generator, reuse! ✓
- 2023 - RCABench: Open Benchmarking Platform for Root Cause Analysis ✓
- 2023 - Arvin: Greybox Fuzzing Using Approximate Dynamic CFG Analysis ✓
- 2023 - DAISY: Effective Fuzz Driver Synthesis with Object Usage Sequence Analysis ✓
- 2023 - autofz: Automated Fuzzer Composition at Runtime ✓
- 2023 - Towards Hybrid Fuzzing with Multi-level Coverage Tree and Reinforcement Learning in Greybox Fuzzing ✓
- 2023 - Fuzzing, Symbolic Execution, and Expert Guidance for Better Testing ✓
- 2023 - Fuzzing vs SBST: Intersections & Differences ✓
- 2023 - Evaluating the Fork-Awareness of Coverage-Guided Fuzzers ✓
- 2023 - Homo in Machina: Improving Fuzz Testing Coverage via Compartment Analysis ✓
- 2023 - The fun in fuzzing - The debugging technique comes into its own ✓
- 2023 - Reachable Coverage: Estimating Saturation in Fuzzing ✓
- 2023 - A Seed Scheduling Method With a Reinforcement Learning for a Coverage Guided Fuzzing ✓
- 2023 - SelectFuzz: Efficient Directed Fuzzing with Selective Path Exploration ✓
- 2022 - Explainable Fuzzer Evaluation ✓
- 2022 - Rare-Seed Generation for Fuzzing ✓
- 2022 - How to Compare Fuzzers ✓
- 2022 - Valkyrie: Improving Fuzzing Performance Through Deterministic Techniques ✓
- 2022 - Fuzzing Deeper Logic with Impeding Function Transformation ✓
- 2022 - Alphuzz: Monte Carlo Search on Seed-Mutation Tree for Coverage-Guided Fuzzing ✓
- 2022 - AutoGenD: fuzz driver generation for binary libraries without header files and symbol information ✓
- 2022 - Mutation Optimization of Directional Fuzzing for Cumulative Defects ✓
- 2022 - Improving AFL++ CmpLog: Tackling the Bottlenecks ✓
- 2022 - One Fuzz Doesn’t Fit All: Optimizing Directed Fuzzing via Target-tailored Program State Restriction ✓
- 2022 - POLYFUZZ: Holistic Greybox Fuzzing of Multi-Language Systems ✓
- 2022 - Sydr-Fuzz: Continuous Hybrid Fuzzing and Dynamic Analysis for Security Development Lifecycle ✓
- 2022 - Nimbus: Toward Speed Up Function Signature Recovery via Input Resizing and Multi-Task Learning ✓
- 2022 - So Many Fuzzers, So Little Time ✓
- 2022 - SLOPT: Bandit Optimization Framework for Mutation-Based Fuzzing ✓
- 2022 - DriveFuzz: Discovering Autonomous Driving Bugs through Driving Quality-Guided Fuzzing ✓
- 2022 - UltraFuzz: Towards Resource-saving in Distributed Fuzzing ✓
- 2022 - Snappy: Efficient Fuzzing with Adaptive and Mutable Snapshots ✓
- 2022 - FuzzerAid: Grouping Fuzzed Crashes Based On Fault Signatures ✓
- 2022 - Automatically Seed Corpus and Fuzzing Executables Generation Using Test Framework ✓
- 2022 - CAMFuzz: Explainable Fuzzing with Local Interpretation ✓
- 2022 - Efficient Greybox Fuzzing to Detect Memory Errors ✓
- 2022 - LibAFL: A Framework to Build Modular and Reusable Fuzzers ✗
- 2022 - FishFuzz: Throwing Larger Nets to Catch Deeper Bugs ✓
- 2022 - SYMSAN: Time and Space Efficient Concolic Execution via Dynamic Data-flow Analysis ✓
- 2022 - AMSFuzz: An adaptive mutation schedule for fuzzing ✓
- 2022 - FixReverter: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing ✓
- 2022 - Multiple Targets Directed Greybox Fuzzing ✓
- 2022 - Combining BMC and Fuzzing Techniques for Finding Software Vulnerabilities in Concurrent Programs ✓
- 2022 - DocTer: Documentation-Guided Fuzzing for Testing Deep Learning API Functions ✓
- 2022 - Obtaining Fuzzing Results with Different Timeouts ✓
- 2022 - FASSFuzzer: An Automated Vulnerability Detection System for Android System Services ✓
- 2022 - WindRanger: A Directed Greybox Fuzzer driven by Deviation Basic Blocks ✗
- 2022 - Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds ✓
- 2022 - GraphFuzz: Library API Fuzzing with Lifetime-aware Dataflow Graphs ✓
- 2022 - AcoFuzz: Adaptive Energy Allocation for Greybox Fuzzing ✓
- 2022 - TargetFuzz: Using DARTs to Guide Directed Greybox Fuzzers ✓
- 2022 - Fast Fuzzing for Memory Errors ✓
- 2022 - Stateful Greybox Fuzzing ✓
- 2022 - Metamorphic Fuzzing of C++ Libraries ✓
- 2022 - Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis ✓
- 2022 - Comparing Fuzzers on a Level Playing Field with FuzzBench ✓
- 2022 - Vulnerability-oriented directed fuzzing for binary programs ✓
- 2022 - An Improvement of AFL Based On The Function Call Depth ✓
- 2022 - FuzzingDriver: the Missing Dictionary to Increase Code Coverage in Fuzzers ✓
- 2022 - BeDivFuzz: Integrating Behavioral Diversity into Generator-based Fuzzing ✓
- 2022 - One Fuzzing Strategy to Rule Them All ✓
- 2022 - Grammars for Free: Toward Grammar Inference for Ad Hoc Parsers ✓
- 2022 - Fuzzing Class Specifications ✓
- 2022 - Mutation Analysis: Answering the Fuzzing Challenge ✓
- 2022 - Ferry: State-Aware Symbolic Execution for Exploring State-Dependent Program Paths ✓
- 2022 - BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning ✓
- 2022 - MORPHUZZ: Bending (Input) Space to Fuzz Virtual Devices ✓
- 2021 - A parallel fuzzing method based on two-stage mutation ✓
- 2021 - Better Pay Attention Whilst Fuzzing ✓
- 2021 - Diar: Removing Uninteresting Bytes from Seeds in Software Fuzzing ✓
- 2021 - Reducing Time-To-Fix For Fuzzer Bugs ✓
- 2021 - Casr-Cluster: Crash Clustering for Linux Applications ✓
- 2021 - Fuzzm: Finding Memory Bugs through Binary-Only Instrumentation and Fuzzing of WebAssembly ✓
- 2021 - InstruGuard: Find and Fix Instrumentation Errors for Coverage-based Greybox Fuzzing ✓
- 2021 - POSTER: OS Independent Fuzz Testing of I/O Boundary ✓
- 2021 - HDBFuzzer: Target-oriented Hybrid Directed Binary Fuzzer ✓
- 2021 - ovAFLow: Detecting Memory Corruption Bugs with Fuzzing-based Taint Inference ✓
- 2021 - SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel ✓
- 2021 - SiliFuzz: Fuzzing CPUs by proxy ✓
- 2021 - Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing ✓
- 2021 - Facilitating Parallel Fuzzing with Mutually-exclusive Task Distribution ✓
- 2021 - PATA: Fuzzing with Path Aware Taint Analysis ✓
- 2021 - BSOD: Binary-only Scalable fuzzing Of device Drivers ✓
- 2021 - FuzzBench: An Open Fuzzer Benchmarking Platform and Service ✓
- 2021 - My Fuzzer Beats Them All! Developing a Framework for Fair Evaluation and Comparison of Fuzzers ✓
- 2021 - Scalable Fuzzing of Program Binaries with E9AFL ✓
- 2021 - HyperFuzzer: An Efficient Hybrid Fuzzer for Virtual CPUs ✓
- 2021 - BigMap: Future-proofing Fuzzers with Efficient Large Maps ✓
- 2021 - Token-Level Fuzzing ✓
- 2021 - Hashing Fuzzing: Introducing Input Diversity to Improve Crash Detection ✗
- 2021 - LeanSym: Efficient Hybrid Fuzzing Through Conservative Constraint Debloating ✓
- 2021 - ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities ✓
- 2021 - KCFuzz: Directed Fuzzing Based on Keypoint Coverage ✓
- 2021 - TCP-Fuzz: Detecting Memory and Semantic Bugs in TCP Stacks with Fuzzing ✓
- 2021 - Fuzzing with optimized grammar-aware mutation strategies ✓
- 2021 - Directed Fuzzing for Use-After-Free Vulnerabilities Detection ✓
- 2021 - DIFUZZRTL: Differential Fuzz Testing to Find CPU Bugs ✓
- 2021 - Z-Fuzzer: device-agnostic fuzzing of Zigbee protocol implementation ✓
- 2021 - Fuzzing with Multi-dimensional Control of Mutation Strategy ✓
- 2021 - Using a Guided Fuzzer and Preconditions to Achieve Branch Coverage with Valid Inputs ✓
- 2021 - RIFF: Reduced Instruction Footprint for Coverage-Guided Fuzzing ✓
- 2021 - CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing ✓
- 2021 - Seed Selection for Successful Fuzzing ✓
- 2021 - Gramatron: Effective Grammar-Aware Fuzzing ✓
- 2021 - Hyntrospect: a fuzzer for Hyper-V devices ✓
- 2021 - FUZZOLIC: mixing fuzzing and concolic execution ✓
- 2021 - QFuzz: Quantitative Fuzzing for Side Channels ✓
- 2021 - Revizor: Fuzzing for Leaks in Black-box CPUs ✓
- 2021 - Unleashing Fuzzing Through Comprehensive, Efficient, and Faithful Exploitable-Bug Exposing ✓
- 2021 - Constraint-guided Directed Greybox Fuzzing ✓
- 2021 - Test-Case Reduction and Deduplication Almost for Free with Transformation-Based Compiler Testing ✓
- 2021 - RULF: Rust Library Fuzzing via API Dependency Graph Traversal ✓
- 2021 - STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting ✓
- 2021 - PS-Fuzz: Efficient Graybox Firmware Fuzzing Based on Protocol State ✓
- 2021 - MuDelta: Delta-Oriented Mutation Testing at Commit Time ✓
- 2021 - CollabFuzz: A Framework for Collaborative Fuzzing ✓
- 2021 - MUTAGEN: Faster Mutation-Based Random Testing ✓
- 2021 - Inducing Subtle Mutations with Program Repair ✓
- 2021 - Differential Analysis of X86-64 Instruction Decoders ✓
- 2021 - On Introducing Automatic Test Case Generation in Practice: A Success Story and Lessons Learned ✓
- 2021 - A Priority Based Path Searching Method for Improving Hybrid Fuzzing ✓
- 2021 - IntelliGen: Automatic Driver Synthesis for Fuzz Testing ✓
- 2021 - icLibFuzzer: Isolated-context libFuzzer for Improving Fuzzer Comparability ✓
- 2021 - SN4KE: Practical Mutation Testing at Binary Level ✓
- 2021 - One Engine to Fuzz ’em All: Generic Language Processor Testing with Semantic Validation ✓
- 2021 - Growing A Test Corpus with Bonsai Fuzzing ✓
- 2021 - Fuzzing Symbolic Expressions ✓
- 2021 - JMPscare: Introspection for Binary-Only Fuzzing ✓
- 2021 - An Improved Directed Grey-box Fuzzer ✓
- 2021 - A Binary Protocol Fuzzing Method Based on SeqGAN ✓
- 2021 - Refined Grey-Box Fuzzing with Sivo ✓
- 2021 - PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization ✓
- 2021 - MooFuzz: Many-Objective Optimization Seed Schedule for Fuzzer ✓
- 2021 - CMFuzz: context-aware adaptive mutation for fuzzers ✓
- 2021 - GTFuzz: Guard Token Directed Grey-Box Fuzzing ✓
- 2021 - ProFuzzBench: A Benchmark for Stateful Protocol Fuzzing ✓
- 2021 - SymQEMU: Compilation-based symbolic execution for binaries ✓
- 2021 - Concolic Execution Tailored for Hybrid Fuzzing (Thesis) ⚠
- 2021 - Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing ✓
- 2021 - AlphaFuzz: Evolutionary Mutation-based Fuzzing as Monte Carlo Tree Search ✓
- 2020 - Fuzzing with Fast Failure Feedback ✓
- 2020 - LAFuzz: Neural Network for Efficient Fuzzing ✓
- 2020 - MaxAFL: Maximizing Code Coverage with a Gradient-Based Optimization Technique ✓
- 2020 - Program State Abstraction for Feedback-Driven Fuzz Testing using Likely Invariants ✓
- 2020 - PMFuzz: Test Case Generation for Persistent Memory Programs ✓
- 2020 - FuSeBMC: A White-Box Fuzzer for Finding Security Vulnerabilities in C Programs ✓
- 2020 - Integrity: Finding Integer Errors by Targeted Fuzzing ✓
- 2020 - ConFuzz: Coverage-guided Property Fuzzing for Event-driven Programs ✓
- 2020 - AFLTurbo: Speed up Path Discovery for Greybox Fuzzing ✓
- 2020 - Fuzzing Channel-Based Concurrency Runtimes using Types and Effects ✓
- 2020 - DeFuzz: Deep Learning Guided Directed Fuzzing ✓
- 2020 - CrFuzz: Fuzzing Multi-purpose Programs through Input Validation ✓
- 2020 - EPfuzzer: Improving Hybrid Fuzzing with Hardest-to-reach Branch Prioritization ✓
- 2020 - Fuzzing Based on Function Importance by Attributed Call Graph ✓
- 2020 - UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers ✓
- 2020 - PathAFL: Path-Coverage Assisted Fuzzing ✓
- 2020 - Path Sensitive Fuzzing for Native Applications ✓
- 2020 - UniFuzz: Optimizing Distributed Fuzzing via Dynamic Centralized Task Scheduling ✓
- 2020 - Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection ✓
- 2020 - SpecFuzz: Bringing Spectre-type vulnerabilities to the surface ✓
- 2020 - Zeror: Speed Up Fuzzing with Coverage-sensitive Tracing and Scheduling ✓
- 2020 - MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs ✓
- 2020 - Evolutionary Grammar-Based Fuzzing ✓
- 2020 - AFLpro: Direction sensitive fuzzing ✓
- 2020 - CSI-Fuzz: Full-speed Edge Tracing Using Coverage Sensitive Instrumentation ✓
- 2020 - Scalable Greybox Fuzzing for Effective Vulnerability Management (Dissertation) ✓
- 2020 - HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities through Guided Micro-Fuzzing ✓
- 2020 - Fuzzing Binaries for Memory Safety Errors with QASan ✓
- 2020 - Suzzer: A Vulnerability-Guided Fuzzer Based on Deep Learning ✓
- 2020 - IJON: Exploring Deep State Spaces via Fuzzing ⚠
- 2020 - Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities ✓
- 2020 - PANGOLIN: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction ✓
- 2020 - UEFI Firmware Fuzzing with Simics Virtual Platform ✓
- 2020 - Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities ✓
- 2020 - FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning ✓
- 2020 - HyDiff: Hybrid Differential Software Analysis ✓
- 2019 - Engineering a Better Fuzzer with Synergically Integrated Optimizations ✓
- 2019 - Superion: Grammar-Aware Greybox Fuzzing ✓
- 2019 - ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery ✓
- 2019 - Grimoire: Synthesizing Structure while Fuzzing ✓
- 2019 - Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary ✓
- 2019 - SAVIOR: Towards Bug-Driven Hybrid Testing ✓
- 2019 - FUDGE: Fuzz Driver Generation at Scale ✓
- 2019 - NAUTILUS: Fishing for Deep Bugs with Grammars ⚠
- 2019 - Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing ✓
- 2019 - EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers ✓
- 2018 - Fuzz Testing in Practice: Obstacles and Solutions ✓
- 2018 - PAFL: Extend Fuzzing Optimizations of Single Mode to Industrial Parallel Mode ✓
- 2018 - PTfuzz: Guided Fuzzing with Processor Trace Feedback ✓
- 2018 - Angora: Efficient Fuzzing by Principled Search ✓
- 2018 - FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage ✓
- 2018 - NEUZZ: Efficient Fuzzing with Neural Program Smoothing ✓
- 2018 - CollAFL: Path Sensitive Fuzzing ✗
- 2018 - Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing ✓
- 2018 - QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing ✓
- 2018 - Coverage-based Greybox Fuzzing as Markov Chain ✓
- 2018 - MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation ✓
- 2018 - Singularity: Pattern Fuzzing for Worst Case Complexity ✓
- 2018 - Smart Greybox Fuzzing ✓
- 2018 - Hawkeye: Towards a Desired Directed Grey-box Fuzzer ✓
- 2018 - PerfFuzz: Automatically Generating Pathological Inputs ✓
- 2018 - Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing ✓
- 2018 - T-Fuzz: fuzzing by program transformation ✓
- 2017 - Evaluating and improving fault localization ✓
- 2017 - IMF: Inferred Model-based Fuzzer ✓
- 2017 - Synthesizing Program Input Grammars ✓
- 2017 - Stateful Fuzzing of Wireless Device Drivers in an Emulated Environment ✓
- 2017 - Steelix: Program-State Based Binary Fuzzing ✓
- 2017 - Designing New Operating Primitives to Improve Fuzzing Performance ✓
- 2017 - VUzzer: Application-aware Evolutionary Fuzzing ✓
- 2017 - DIFUZE: Interface Aware Fuzzing for Kernel Drivers ✓
- 2017 - Instruction Punning: Lightweight Instrumentation for x86-64 ✓
- 2014 - A Large-Scale Analysis of the Security of Embedded Firmwares ✓
- 2013 - Scheduling Black-box Mutational Fuzzing ✓
- 2013 - Dowsing for Overflows: A Guided Fuzzer to Find Buffer Boundary Violations ✓
- 2013 - RPFuzzer: A Framework for Discovering Router Protocols Vulnerabilities Based on Fuzzing ✓
- 2011 - Offset-Aware Mutation based Fuzzing for Buffer Overflow Vulnerabilities: Few Preliminary Results ✓
- 2010 - TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection ✓
- 2009 - Taint-based Directed Whitebox Fuzzing ✓
- 2009 - Dynamic Test Generation To Find Integer Bugs in x86 Binary Linux Programs ✓
- 2008 - Grammar-based Whitebox Fuzzing ✓
- 2008 - Vulnerability Analysis for X86 Executables Using Genetic Algorithm and Fuzzing ✓
- 2008 - KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs ✓
- 2008 - Automated Whitebox Fuzz Testing ✓
- 2005 - DART: Directed Automated Random Testing ✓
- 1994 - Dominators, Super Blocks, and Program Coverage ✓
- 2023 - AFGen: Whole-Function Fuzzing for Applications and Libraries ✓
- 2023 - NaNofuzz: A Usable Tool for Automatic Test Generation ✓
- 2024 - Fixing Security Vulnerabilities with AI in OSS-Fuzz ✓
- 2024 - ChatHTTPFuzz: Large Language Model-Assisted IoT HTTP Fuzzing ✓
- 2024 - Harnessing Large Language Models for Seed Generation in Greybox Fuzzing ✓
- 2024 - Magneto: A Step-Wise Approach to Exploit Vulnerabilities in Dependent Libraries via LLM-Empowered Directed Fuzzing ✓
- 2024 - Fuzzing BusyBox: Leveraging LLM and Crash Reuse for Embedded Bug Unearthing ✓
- 2024 - My Fuzzers Won’t Build: An Empirical Study of Fuzzing Build Failures ✓
- 2024 - ECG: Augmenting Embedded Operating System Fuzzing via LLM-based Corpus Generation ✓
- 2024 - FUZZCODER: Byte-level Fuzzing Test via Large Language Model ✓
- 2024 - ProphetFuzz: Fully Automated Prediction and Fuzzing of High-Risk Option Combinations with Only Documentation via Large Language Model ✓
- 2024 - Is “AI” Useful for Fuzzing? (Keynote) ✓
- 2024 - Initial Seeds Generation Using LLM for IoT Device Fuzzing ✓
- 2024 - Your Fix Is My Exploit: Enabling Comprehensive DL Library API Fuzzing with Large Language Models ✓
- 2024 - WhiteFox: White-Box Compiler Fuzzing Empowered by Large Language Models ✓
- 2024 - The Mutators Reloaded: Fuzzing Compilers with Large Language Model Generated Mutation Operators ✓
- 2024 - A Coverage-Guided Fuzzing Method for Automatic Software Vulnerability Detection Using Reinforcement Learning-Enabled Multi-Level Input Mutation ✓
- 2024 - LLAMAFUZZ: Large Language Model Enhanced Greybox Fuzzing ✓
- 2024 - Survey on Large Language Model (LLM) Security and Privacy: The Good, the Bad, and the Ugly ✓
- 2024 - Generative AI and Large Language Models for Cyber Security: All Insights You Need ✓
- 2024 - Large Language Model guided Protocol Fuzzing ✓
- 2024 - When Fuzzing Meets LLMs: Challenges and Opportunities ✓
- 2024 - Fuzz4All: Universal Fuzzing with Large Language Models ✓
- 2024 - Large Language Models for Cyber Security: A Systematic Literature Review ✓
- 2024 - LLM4Vuln: A Unified Evaluation Framework for Decoupling and Enhancing LLMs’ Vulnerability Reasoning ✓
- 2024 - Prompt Fuzzing for Fuzz Driver Generation ✓
- 2023 - HOW FAR HAVE WE GONE IN VULNERABILITY DETECTION USING LARGE LANGUAGE MODELS ✓
- 2023 - KernelGPT: Enhanced Kernel Fuzzing via Large Language Models ✓
- 2023 - Exploring the Limits of ChatGPT in Software Security Applications ✓
- 2023 - LLM-Based Code Generation Method for Golang Compiler Testing ✓
- 2023 - AI-assisted Vulnerability Analysis And Classification Framework for UDS on CAN-bus Fuzzer ✓
- 2023 - GPTFUZZER: Red Teaming Large Language Models with Auto-Generated Jailbreak Prompts ✓
- 2023 - FUZZLLM: A NOVEL AND UNIVERSAL FUZZING FRAMEWORK FOR PROACTIVELY DISCOVERING JAILBREAK VULNERABILITIES IN LARGE LANGUAGE MODELS ✓
- 2023 - Universal Fuzzing via Large Language Models ✓
- 2023 - Understanding Large Language Model Based Fuzz Driver Generation ✓
- 2023 - Large Language Models for Fuzzing Parsers ✓
- 2023 - Large Language Models Are Zero-Shot Fuzzers: Fuzzing Deep-Learning Libraries via Large Language Models ✓
- 2023 - Augmenting Greybox Fuzzing with Generative AI ✓
- 2023 - Understanding Programs by Exploiting (Fuzzing) Test Cases ✓
- 2024 - Parallel Fuzzing of IoT Messaging Protocols through Collaborative Packet Generation ✓
- 2024 - TWFuzz: Fuzzing Embedded Systems with Three Wires ✓
- 2024 - IoTFuzzSentry: Hunting Bugs In The IoT Wilderness In Operational Phase Using Payload Fuzzing ✓
- 2024 - TAIFuzz: taint analysis instrumentation-based firmware fuzzing system ✓
- 2024 - RIoTFuzzer: Companion App Assisted Remote Fuzzing for Detecting Vulnerabilities in IoT Devices ✓
- 2024 - FIRMRCA: Towards Post-Fuzzing Analysis on ARM Embedded Firmware with Efficient Event-based Fault Localization ✓
- 2024 - MSLFuzzer: black-box fuzzing of SOHO router devices via message segment list inference ✓
- 2024 - MULTIFUZZ: A Multi-Stream Fuzzer For Testing Monolithic Firmware ✓
- 2023 - KVFL: Key-Value-Based Persistent Fuzzing for IoT Web Servers ✓
- 2023 - Firmulti Fuzzer: Discovering Multi-process Vulnerabilities in IoT Devices with Full System Emulation and VMI ✓
- 2023 - Fuzzability Testing Framework for Incomplete Firmware Binary ✓
- 2023 - Fuzzing Embedded Systems Using Debug Interfaces ✓
- 2023 - Icicle: A Re-Designed Emulator for Grey-Box Firmware Fuzzing ✓
- 2022 - FirmSolo: Enabling dynamic analysis of binary Linux-based IoT kernel modules ✓
- 2022 - FuzzDocs: An Automated Security Evaluation Framework for IoT ✓
- 2022 - AflIot: Fuzzing on linux-based IoT device with binary-level instrumentation ✓
- 2022 - Tardis: Coverage-Guided Embedded Operating System Fuzzing ✓
- 2022 - Efficient greybox fuzzing of applications in Linux-based IoT devices via enhanced user-mode emulation ✓
- 2022 - Trampoline Over the Air: Breaking in IoT Devices Through MQTT Brokers ✓
- 2022 - PDFuzzerGen: Policy-Driven Black-Box Fuzzer Generation for Smart Devices ✓
- 2022 - RW-Fuzzer: A Fuzzing Method for Vulnerability Mining on Router Web Interface ✓
- 2022 - IoTInfer: Automated Blackbox Fuzz Testing of IoT Network Protocols Guided by Finite State Machine Inference ✓
- 2022 - Debugger-driven Embedded Fuzzing ✓
- 2022 - Game of Hide-and-Seek: Exposing Hidden Interfaces in Embedded Web Applications of IoT Devices ✓
- 2022 - 𝜇AFL: Non-intrusive Feedback-driven Fuzzing for Microcontroller Firmware ✓
- 2022 - FirVer: Concolic Testing for Systematic Validation of Firmware Binaries ✓
- 2022 - Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing ✓
- 2021 - CPscan: Detecting Bugs Caused by Code Pruning in IoT Kernels ✓
- 2021 - An Efficient Feedback-enhanced Fuzzing Scheme for Linux-based IoT Firmwares ✗
- 2021 - A Fuzzing Method for Embedded Software ✓
- 2021 - Large-scale Firmware Vulnerability Analysis Based on Code Similarity ✓
- 2021 - Towards Fast and Scalable Firmware Fuzzing with Dual-Level Peripheral Modeling ✓
- 2021 - Riding the IoT Wave with VFuzz: Discovering Security Flaws in Smart Home ✓
- 2021 - Zero WFuzzer: Target-Oriented Fuzzing for Web Interface of Embedded Devices ✓
- 2021 - StFuzzer: Contribution-Aware Coverage-Guided Fuzzing for Smart Devices ✓
- 2021 - Rtkaller: State-aware Task Generation for RTOS Fuzzing ✓
- 2021 - IFIZZ: Deep-State and Efficient Fault-Scenario Generation to Test IoT Firmware ✓
- 2021 - Automatic Vulnerability Detection in Embedded Devices and Firmware: Survey and Layered Taxonomies ✓
- 2021 - Fuzzing the Internet of Things: A Review on the Techniques and Challenges for Efficient Vulnerability Discovery in Embedded Systems ✓
- 2021 - FIRM-COV: High-Coverage Greybox Fuzzing for IoT Firmware via Optimized Process Emulation ✓
- 2020 - Verification of Embedded Software Binaries using Virtual Prototypes ✓
- 2020 - μSBS: Static Binary Sanitization of Bare-metal Embedded Devices for Fault Observability ✓
- 2020 - Device-agnostic Firmware Execution is Possible: A Concolic Execution Approach for Peripheral Emulation ✓
- 2020 - Vulnerability Detection in SIoT Applications: A Fuzzing Method on their Binaries ✓
- 2020 - FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis ✓
- 2020 - FIRMNANO: Toward IoT Firmware Fuzzing Through Augmented Virtual Execution ✓
- 2020 - ARM-AFL: Coverage-Guided Fuzzing Framework for ARM-Based IoT Devices ✓
- 2020 - Bug detection in embedded environments by fuzzing and symbolic execution ✓
- 2020 - FirmXRay: Detecting Bluetooth Link Layer Vulnerabilities From Bare-Metal Firmware ✓
- 2020 - EM-Fuzz: Augmented Firmware Fuzzing via Memory Checking ✓
- 2020 - Verification of Embedded Binaries using Coverage-guided Fuzzing with System C-based Virtual Prototypes ✓
- 2020 - DICE: Automatic Emulation of DMA Input Channels for Dynamic Firmware Analysis ✓
- 2020 - Fw‐fuzz: A code coverage‐guided fuzzing framework for network protocols on firmware ✓
- 2020 - Taint-Driven Firmware Fuzzing of Embedded Systems ✓
- 2020 - A Dynamic Instrumentation Technology for IoT Devices ✓
- 2020 - Vulcan: a state-aware fuzzing tool for wear OS ecosystem ✓
- 2020 - A Novel Concolic Execution Approach on Embedded Device ✓
- 2020 - HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations ✓
- 2020 - FIRMCORN: Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution ✓
- 2018 - IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing ✓
- 2017 - Towards Automated Dynamic Analysis for Linux-based Embedded Firmware ✓
- 2016 - Scalable Graph-based Bug Search for Firmware Images ✓
- 2015 - SURROGATES: Enabling Near-Real-Time Dynamic Analyses of Embedded Systems ✓
- 2015 - Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware ✓
- 2014 - A Large-Scale Analysis of the Security of Embedded Firmwares ✓
- 2013 - RPFuzzer: A Framework for Discovering Router Protocols Vulnerabilities Based on Fuzzing ✓
- 2024 - SyncEmu: Enabling Dynamic Analysis of Stateful Trusted Applications ✓
- 2022 - What You See is Not What You Get: Revealing Hidden Memory Mapping for Peripheral Modeling ✓
- 2022 - What Your Firmware Tells You Is Not How You Should Emulate It: A Specification-Guided Approach for Firmware Emulation (Extended Version) ✓
- 2022 - BEERR: Bench of Embedded system Experiments for Reproducible Research ✓
- 2022 - FIRMWIRE: Transparent Dynamic Analysis for Cellular Baseband Firmware ✓
- 2022 - An Automated Approach to Re-Hosting Embedded Firmware Through Removing Hardware Dependencies ✓
- 2021 - FIRMGUIDE: Boosting the Capability of Rehosting Embedded Linux Kernels through Model-Guided Kernel Execution ✓
- 2021 - Automatic Firmware Emulation through Invalidity-guided Knowledge Inference(Extended Version) ✓
- 2021 - Firmware Re-hosting Through Static Binary-level Porting ✓
- 2021 - Jetset: Targeted Firmware Rehosting for Embedded Systems ✓
- 2021 - Automatic Firmware Emulation through Invalidity-guided Knowledge Inference ✓
- 2024 - Stateful protocol fuzzing with statemap-based reverse state selection ✓
- 2024 - No Peer, no Cry: Network Application Fuzzing via Fault Injection ✓
- 2024 - Gudifu: Guided Differential Fuzzing for HTTP Request Parsing Discrepancies ✓
- 2024 - Netfuzzlib: Adding First-Class Fuzzing Support to Network Protocol Implementations ✓
- 2023 - NSFuzz: Towards Efficient and State-Aware Network Service Fuzzing - RCR Report ✓
- 2023 - INTENDER: Fuzzing Intent-Based Networking with Intent-State Transition Guidance ✓
- 2023 - NSFuzz: Towards Efficient and State-Aware Network Service Fuzzing ✓
- 2022 - FitM: Binary-Only Coverage-Guided Fuzzing for Stateful Network Protocols ✓
- 2022 - WThreadAFL: Deterministic Greybox Fuzzing for Multi-thread Network Servers ✓
- 2022 - Model-Based Grey-Box Fuzzing of Network Protocols ✓
- 2022 - Registered Report: NSFuzz: Towards Efficient and State-Aware Network Service Fuzzing ✓
- 2022 - SnapFuzz: An Efficient Fuzzing Framework for Network Applications ✓
- 2022 - REST API Fuzzing by Coverage Level Guided Blackbox Testing ✓
- 2022 - SNPSFuzzer: A Fast Greybox Fuzzer for Stateful Network Protocols using Snapshots ✓
- 2022 - WAFL: Binary-Only WebAssembly Fuzzing with Fast Snapshots ✓
- 2021 - Nyx-Net: Network Fuzzing with Incremental Snapshots ✓
- 2021 - RapidFuzz: Accelerating Fuzzing via Generative Adversarial Networks ✓
- 2021 - StateAFL: Greybox Fuzzing for Stateful Network Servers ✓
- 2020 - AFLNET: A Greybox Fuzzer for Network Protocols ✓
- 2020 - Finding Security Vulnerabilities in Network Protocol Implementations ✓
- 2024 - OZZ: Identifying Kernel Out-of-Order Concurrency Bugs with In-Vivo Memory Access Reordering ✓
- 2024 - SyzLego: Enhancing Kernel Directed Greybox Fuzzing via Dependency Inference and Scheduling ✓
- 2024 - A Little Goes a Long Way: Tuning Configuration Selection for Continuous Kernel Fuzzing ✓
- 2024 - CountDown: Refcount-guided Fuzzing for Exposing Temporal Memory Errors in Linux Kernel ✓
- 2024 - Approaches to determining the attack surface for fuzzing the Linux kernel ✓
- 2024 - SyzGen++: Dependency Inference for Augmenting Kernel Driver Fuzzing ✓
- 2024 - SyzRetrospector: A Large-Scale Retrospective Study of Syzbot ✓
- 2024 - SyzRisk: A Change-Pattern-Based Continuous Kernel Regression Fuzzer ✓
- 2024 - MOCK: Optimizing Kernel Fuzzing Mutation with Context-aware Dependency ✓
- 2023 - SyzDirect: Directed Greybox Fuzzing for Linux Kernel ✓
- 2023 - SyzBridge: Bridging the Gap in Exploitability Assessment of Linux Kernel Bugs in the Linux Ecosystem ✓
- 2023 - KextFuzz: A Practical Fuzzer for macOS Kernel EXTensions on Apple Silicon ✓
- 2023 - WinkFuzz: Model-based Script Synthesis for Fuzzing ✓
- 2023 - SyzDescribe: Principled, Automated, Static Generation of Syscall Descriptions for Kernel Drivers ✓
- 2023 - ACTOR: Action-Guided Kernel Fuzzing ✓
- 2023 - KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations ✓
- 2023 - BoKASAN: Binary-only Kernel Address Sanitizer for Effective Kernel Fuzzing ✓
- 2023 - DDRace: Finding Concurrency UAF Vulnerabilities in Linux Drivers with Directed Fuzzing ✓
- 2023 - Towards Unveiling Exploitation Potential With Multiple Error Behaviors for Kernel Bugs ✓
- 2023 - No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions ✓
- 2022 - PrIntFuzz: fuzzing Linux drivers via automated virtual device simulation ✓
- 2022 - KSG: Augmenting Kernel Fuzzing with System Call Specification Generation ✓
- 2022 - Demystifying the Dependency Challenge in Kernel Fuzzing ✓
- 2022 - Midas: Systematic Kernel TOCTTOU Protection ✓
- 2021 - Evaluating Code Coverage for Kernel Fuzzers via Function Call Graph ✓
- 2021 - ACHyb: a hybrid analysis approach to detect kernel access control vulnerabilities ✓
- 2021 - CVFuzz: Detecting complexity vulnerabilities in OpenCL kernels via automated pathological input generation ✓
- 2021 - HEALER: Relation Learning Guided Kernel Fuzzing
- 2021 - SyzVegas: Beating Kernel Fuzzing Odds with Reinforcement Learning ✓
- 2021 - NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis ✓
- 2021 - Undo Workarounds for Kernel Bugs ✓
- 2020 - A Hybrid Interface Recovery Method for Android Kernels Fuzzing ✓
- 2020 - FINDING RACE CONDITIONS IN KERNELS: FROM FUZZING TO SYMBOLIC EXECUTION - THESIS ✓
- 2020 - Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints ✓
- 2020 - X-AFL: a kernel fuzzer combining passive and active fuzzing ✓
- 2020 - Identification of Kernel Memory Corruption Using Kernel Memory Secret Observation Mechanism ✓
- 2020 - HFL: Hybrid Fuzzing on the Linux Kernel ✓
- 2020 - Realistic Error Injection for System Calls ✓
- 2020 - KRACE: Data Race Fuzzing for Kernel File Systems ✓
- 2020 - USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation ✓
- 2019 - Fuzzing File Systems via Two-Dimensional Input Space Exploration ✓
- 2019 - Razzer: Finding Kernel Race Bugs through Fuzzing ✓
- 2019 - Unicorefuzz: On the Viability of Emulation for Kernel space Fuzzing ✓
- 2017 - Stateful Fuzzing of Wireless Device Drivers in an Emulated Environment ✓
- 2017 - DIFUZE: Interface Aware Fuzzing for Kernel Drivers ✓
- 2008 - Fuzzing Wi-Fi Drivers to Locate Security Vulnerabilities ⚠
- 2025 - DUMPLING: Fine-grained Differential JavaScript Engine Fuzzing ✓
- 2024 - SQLPass: A Semantic Effective Fuzzing Method for DBMS ✓
- 2024 - Atlas: Automating Cross-Language Fuzzing on Android Closed-Source Libraries ✓
- 2024 - Tacoma: Enhanced Browser Fuzzing with Fine-Grained Semantic Alignment ✓
- 2024 - Applying Fuzz Driver Generation to Native C/C++ Libraries of OEM Android Framework: Obstacles and Solutions ✓
- 2024 - CrossFire: Fuzzing macOS Cross-XPU Memory on Apple Silicon ✓
- 2024 - BArcherFuzzer: An Android System Services Fuzzer via Transaction Dependencies of BpBinder ✓
- 2024 - BRF: Fuzzing the eBPF Runtime ✓
- 2024 - Monarch: A Fuzzing Framework for Distributed File Systems ✓
- 2023 - Android Fuzzing: Balancing User-Inputs and Intents ✓
- 2023 - ItyFuzz: Snapshot-Based Fuzzer for Smart Contract ✓
- 2023 - BRF: eBPF Runtime Fuzzer ✓
- 2023 - MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation ✓
- 2023 - EFCF: High Performance Smart Contract Fuzzing for Exploit Generation ✓
- 2023 - ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing ✓
- 2023 - VIDEZZO: Dependency-aware Virtual Device Fuzzing ✓
- 2023 - HyPFuzz: Formal-Assisted Processor Fuzzing ✓
- 2023 - FUZZILLI: Fuzzing for JavaScript JIT Compiler Vulnerabilities ✓
- 2022 - SFuzz: Slice-based Fuzzing for Real-Time Operating Systems ✓
- 2022 - LFUZZ: Exploiting Locality for File-system Fuzzing ✓
- 2022 - MUNDOFUZZ: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference ✓
- 2022 - DTLS-Fuzzer: A DTLS Protocol State Fuzzer ✓
- 2022 - FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks ✓
- 2022 - TheHuzz: Instruction Fuzzing of Processors Using Golden-Reference Models for Finding Software-Exploitable Vulnerabilities ✓
- 2021 - V-Shuttle: Scalable and Semantics-Aware Hypervisor Virtual Device Fuzzing ✓
- 2021 - FormatFuzzer: Effective Fuzzing of Binary File Formats ✓
- 2020 - NYX: Greybox Hypervisor Fuzzing using Fast Snapshots and Affine Types ✓
- 2020 - Tree2tree Structural Language Modeling for Compiler Fuzzing ✓
- 2020 - Detecting Critical Bugs in SMT Solvers Using Blackbox Mutational Fuzzing ✓
- 2020 - JS Engine - Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer ✓
- 2020 - JS Engine - Fuzzing JavaScript Engines with Aspect-preserving Mutation ✓
- 2020 - CUDA Compiler - CUDAsmith: A Fuzzer for CUDA Compilers ✓
- 2020 - Smart Contracts - sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts ✓
- 2019 - Compiler Fuzzing: How Much Does It Matter? ✓
- 2019 - Smart Contracts - Harvey: A Greybox Fuzzer for Smart Contracts ✓
- 2017 - XML - Skyfire: Data-Driven Seed Generation for Fuzzing ✓
- 2024 - Revealing the exploitability of heap overflow through PoC analysis ✓
- 2024 - Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation ✓
- 2024 - K-LEAK: Towards Automating the Generation of Multi-Step Infoleak Exploits against the Linux Kernel ✓
- 2023 - Enhanced Memory Corruption Detection in C/C++ Programs ✓
- 2023 - Automated Exploitable Heap Layout Generation for Heap Overflows Through Manipulation Distance-Guided Fuzzing ✓
- 2023 - The Most Dangerous Codec in the World: Finding and Exploiting Vulnerabilities in H.264 Decoders ✓
- 2023 - Detecting Exploit Primitives Automatically for Heap Vulnerabilities on Binary Programs ✓
- 2022 - RiscyROP: Automated Return-Oriented Programming Attacks on RISC-V and ARM64 ✓
- 2022 - Automatic Permission Check Analysis for Linux Kernel ✓
- 2022 - OS-Aware Vulnerability Prioritization via Differential Severity Analysis ✓
- 2022 - Arbiter: Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs ✗
- 2022 - KASPER: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel ✓
- 2022 - MaMaDroid 2.0 - The Holes of control flow graphs ✓
- 2022 - ShadowHeap: Memory Safety through Efficient Heap Metadata Validation ✓
- 2022 - MACH2: System for Root Cause Analysis of Kernel Vulnerabilities [THESIS]
- 2021 - Automated Bug Hunting With Data-Driven Symbolic Root Cause Analysis ✓
- 2021 - MAJORCA: Multi-Architecture JOP and ROP Chain Assembler ✓
- 2021 - A Novel Method for the Automatic Generation of JOP Chain Exploits ✓
- 2021 - V0Finder: Discovering the Correct Origin of Publicly Reported Software Vulnerabilities ✓
- 2021 - Identifying Valuable Pointers in Heap Data ✓
- 2021 - OCTOPOCS: Automatic Verification of Propagated Vulnerable Code Using Reformed Proofs of Concept ✓
- 2021 - Characterizing Vulnerabilities in a Major Linux Distribution ✓
- 2021 - MAZE: Towards Automated Heap Feng Shui ✓
- 2021 - Vulnerability Detection in C/C++ Source Code With Graph Representation Learning ✓
- 2021 - mallotROPism: a metamorphic engine for malicious software variation development ✓
- 2020 - Automatic Techniques to Systematically Discover New Heap Exploitation Primitives ✓
- 2020 - Shadow-Heap: Preventing Heap-based Memory Corruptions by Metadata Validation ✓
- 2020 - Practical Fine-Grained Binary Code Randomization ✓
- 2020 - Tiny-CFA: Minimalistic Control-Flow Attestation Using Verified Proofs of Execution ⚠
- 2020 - Greybox Automatic Exploit Generation for Heap Overflows in Language Interpreters - PHD THESIS ✓
- 2020 - ABCFI: Fast and Lightweight Fine-Grained Hardware-Assisted Control-Flow Integrity ✓
- 2020 - HeapExpo: Pinpointing Promoted Pointers to Prevent Use-After-Free Vulnerabilities ✗
- 2020 - Localizing Patch Points From One Exploit ✓
- 2020 - Speculative Dereferencing of Registers: Reviving Foreshadow ✓
- 2020 - HAEPG: An Automatic Multi-hop Exploitation Generation Framework ✓
- 2020 - Exploiting More Binaries by Using Planning to Assemble ROP Attacks ✓
- 2020 - ROPminer: Learning-Based Static Detection of ROP Chain Considering Linkability of ROP Gadgets ✓
- 2020 - KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities ✓
- 2020 - Preventing Return Oriented Programming Attacks By Preventing Return Instruction Pointer Overwrites ✓
- 2020 - KASLR: Break It, Fix It, Repeat ✓
- 2020 - ShadowGuard : Optimizing the Policy and Mechanism of Shadow Stack Instrumentation using Binary Static Analysis ✓
- 2020 - VulHunter: An Automated Vulnerability Detection System Based on Deep Learning and Bytecode ✓
- 2020 - Analysis and Evaluation of ROPInjector ✓
- 2020 - API Misuse Detection in C Programs: Practice on SSL APIs ✓
- 2020 - Egalito: Layout-Agnostic Binary Recompilation ✓
- 2020 - Verifying Software Vulnerabilities in IoT Cryptographic Protocols ✓
- 2020 - μRAI: Securing Embedded Systems with Return Address Integrity ✓
- 2019 - Kernel Protection Against Just-In-Time Code Reuse ✓
- 2019 - Kernel Exploitation Via Uninitialized Stack ✓
- 2019 - KEPLER: Facilitating Control-flow Hijacking Primitive Evaluation for Linux Kernel Vulnerabilities ✓
- 2019 - SLAKE: Facilitating Slab Manipulation for Exploiting Vulnerabilities in the Linux Kernel ✓
- 2018 - HeapHopper: Bringing Bounded Model Checking to Heap Implementation Security ✓
- 2018 - K-Miner: Uncovering Memory Corruption in Linux ✓
- 2017 - HAIT: Heap Analyzer with Input Tracing ✓
- 2017 - DROP THE ROP: Fine-grained Control-flow Integrity for the Linux Kernel ✓
- 2017 - kR^X: Comprehensive Kernel Protection against Just-In-Time Code Reuse ✓
- 2017 - Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying ✓
- 2015 - From Collision To Exploitation: Unleashing Use-After-Free Vulnerabilities in Linux Kernel ✓
- 2014 - ret2dir: Rethinking Kernel Isolation ✓
- 2014 - Make It Work, Make It Right, Make It Fast: Building a Platform-Neutral Whole-System Dynamic Binary Analysis Platform ✓
- 2011 - Linux kernel vulnerabilities: state-of-the-art defenses and open problems ✓
- 2011 - Protecting the Core: Kernel Exploitation Mitigations ✓
- 2012 - Anatomy of a Remote Kernel Exploit ⚠
- 2012 - A Heap of Trouble: Breaking the Linux Kernel SLOB Allocator ✗
- 2024 - Effectiveness of ChatGPT for Static Analysis: How Far Are We? ✓
- 2024 - Bin2Summary: Beyond Function Name Prediction in Stripped Binaries with Functionality-Specific Code Embeddings ✓
- 2021 - ICALLEE: Recovering Call Graphs for Binaries ✓
- 2021 - EnBinDiff: Identifying Data-only Patches for Binaries ✓
- 2021 - VIVA: Binary Level Vulnerability Identification via Partial Signature ✓
- 2021 - Overview of the advantages and disadvantages of static code analysis tools ✓
- 2021 - Multi-Level Cross-Architecture Binary Code Similarity Metric ✓
- 2020 - VulDetector: Detecting Vulnerabilities using Weighted Feature Graph Comparison ✓
- 2020 - DEEPBINDIFF: Learning Program-Wide Code Representations for Binary Diffing ✓
- 2020 - BinDeep: A Deep Learning Approach to Binary Code Similarity Detection ✓
- 2020 - Revisiting Binary Code Similarity Analysis using Interpretable Feature Engineering and Lessons Learned ✓
- 2020 - iDEA: Static Analysis on the Security of Apple Kernel Drivers ✓
- 2020 - HART: Hardware-Assisted Kernel Module Tracing on Arm ✓
- 2020 - AN APPROACH TO COMPARING CONTROL FLOW GRAPHS BASED ON BASIC BLOCK MATCHING ✓
- 2020 - How Far We Have Come: Testing Decompilation Correctness of C Decompilers ✓
- 2020 - Dynamic Binary Lifting and Recompilation DISS ✓
- 2020 - Similarity Based Binary Backdoor Detection via Attributed Control Flow Graph ✓
- 2020 - IoTSIT: A Static Instrumentation Tool for IoT Devices ✓
- 2019 - Code Similarity Detection using AST and Textual Information ✗
- 2018 - CodEX: Source Code Plagiarism Detection Based on Abstract Syntax Trees ✓
- 2017 - rev.ng: a unified binary analysis framework to recover CFGs and function boundaries ✓
- 2017 - Angr: The Next Generation of Binary Analysis ✓
- 2016 - Binary code is not easy ✓
- 2015 - Cross-Architecture Bug Search in Binary Executables ✓
- 2014 - A platform for secure static binary instrumentation ✓
- 2013 - MIL: A language to build program analysis tools through static binary instrumentation ✓
- 2013 - Binary Code Analysis ✓
- 2013 - A compiler-level intermediate representation based binary analysis and rewriting system ✓
- 2013 - Protocol reverse engineering through dynamic and static binary analysis ✓
- 2013 - BinaryPig: Scalable Static Binary Analysis Over Hadoop ✓
- 2011 - BAP: A Binary Analysis Platform ✓
- 2009 - Syntax tree fingerprinting for source code similarity detection ✓
- 2008 - BitBlaze: A New Approach to Computer Security via Binary Analysis ✓
- 2005 - Practical analysis of stripped binary code ✓
- 2004 - Detecting kernel-level rootkits through binary analysis ✓
- 2024 - Tyche: Making Sense of Property-Based Testing Effectiveness ✓
- 2024 - ARVO: Atlas of Reproducible Vulnerabilities for Open Source Software ✓
- 2024 - LeanBin: Harnessing Lifting and Recompilation to Debloat Binaries ✓
- 2024 - Operation Mango: Scalable Discovery of Taint-Style Vulnerabilities in Binary Firmware Services ✗
- 2024 - A Binary-level Thread Sanitizer or Why Sanitizing on the Binary Level is Hard ✓
- 2023 - MTSan: A Feasible and Practical Memory Sanitizer for Fuzzing COTS Binaries ✓
- 2023 - ARMore: Pushing Love Back Into Binaries ✓
- 2023 - gMutant: A gCov based Mutation Testing Analyser ✓
- 2022 - Auto Off-Target: Enabling Thorough and Scalable Testing for Complex Software Systems ✓
- 2022 - GRIN: Make Rewriting More Precise ✓
- 2022 - CFINSIGHT: A Comprehensive Metric for CFI Policies ✓
- 2022 - Odin: On-Demand Instrumentation with On-the-Fly Recompilation ✓
- 2022 - Debloating Address Sanitizer ✓
- 2021 - FMViz: Visualizing Tests Generated by AFL at the Byte-level ✓
- 2021 - Raising MIPS Binaries to LLVM IR ✓
- 2021 - SyzGen: Automated Generation of Syscall Specification of Closed-Source macOS Drivers ✓
- 2021 - Igor: Crash Deduplication Through Root-Cause Clustering ✓
- 2021 - UAFSan: an object-identifier-based dynamic approach for detecting use-after-free vulnerabilities ✓
- 2021 - SyML: Guiding Symbolic Execution Toward Vulnerable States Through Pattern Learning ✓
- 2021 - LLSC: A Parallel Symbolic Execution Compiler for LLVM IR ✓
- 2021 - FuzzSplore: Visualizing Feedback-Driven Fuzzing Techniques ✓
- 2020 - Memory Error Detection Based on Dynamic Binary Translation ✓
- 2020 - Sydr: Cutting Edge Dynamic Symbolic Execution ✓
- 2020 - DrPin: A dynamic binary instrumentator for multiple processor architectures ✓
- 2020 - MVP: Detecting Vulnerabilities using Patch-Enhanced Vulnerability Signatures ✓
- 2020 - Collecting Vulnerable Source Code from Open-Source Repositories for Dataset Generation ✓
- 2020 - LEOPARD: Identifying Vulnerable Code for Vulnerability Assessment through Program Metrics ✓
- 2020 - Dynamic Program Analysis Tools in GCC and CLANG Compilers ✓
- 2020 - On Using k-means Clustering for Test Suite Reduction ✓
- 2020 - Optimizing the Parameters of an Evolutionary Algorithm for Fuzzing and Test Data Generation ✓
- 2020 - Inputs from Hell: Learning Input Distributions for Grammar-Based Test Generation ✓
- 2020 - IdSan: An identity-based memory sanitizer for fuzzing binaries ✓
- 2020 - An experimental study on combining automated and stochastic test data generation - MASTER THESIS ✓
- 2020 - FuzzGen: Automatic Fuzzer Generation ✓
- 2020 - Fuzzing: On the Exponential Cost of Vulnerability Discovery ✓
- 2020 - Poster: Debugging Inputs ✓
- 2020 - Fast Bit-Vector Satisfiability ✓
- 2020 - MARDU: Efficient and Scalable Code Re-randomization ✓
- 2020 - Towards formal verification of IoT protocols: A Review ✓
- 2020 - Automating the fuzzing triage process ✓
- 2020 - COMPARING AFL SCALABILITY IN VIRTUAL- AND NATIVE ENVIRONMENT ✓
- 2020 - SYMBION: Interleaving Symbolic with Concrete Execution ✓
- 2020 - Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization ✓
- 2019 - Toward the Analysis of Embedded Firmware through Automated Re-hosting ✓
- 2019 - FUZZIFICATION: Anti-Fuzzing Techniques ✓
- 2018 - VulinOSS: A Dataset of Security Vulnerabilities in Open-source Systems ✓
- 2018 - HDDr: A Recursive Variant of the Hierarchical Delta Debugging Algorithm ✓
- 2017 - Coarse Hierarchical Delta Debugging ✓
- 2017 - VUDDY: A Scalable Approach for Vulnerable Code Clone Discovery ✓
- 2017 - Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts ✓
- 2017 - Synthesizing Program Input Grammars ✓
- 2017 - Designing New Operating Primitives to Improve Fuzzing Performance ✓
- 2017 - Instruction Punning: Lightweight Instrumentation for x86-64 ✓
- 2016 - Modernizing Hierarchical Delta Debugging ✓
- 2016 - VulPecker: An Automated Vulnerability Detection System Based on Code Similarity Analysis ✓
- 2016 - CREDAL: Towards Locating a Memory Corruption Vulnerability with Your Core Dump ✓
- 2016 - RETracer: Triaging Crashes by Reverse Execution from Partial Memory Dumps ✓
- 2015 - PIE: Parser Identification in Embedded Systems ✓
- 2010 - Iterative Delta Debugging ✓
- 2009 - Dynamic Test Generation To Find Integer Bugs in x86 Binary Linux Programs ✓
- 2006 - HDD: Hierarchical Delta Debugging ✓
- 2024 - SoK: Prudent Evaluation Practices for Fuzzing
- 2024 - An Empirical Examination of Fuzzer Mutator Performance ✓
- 2024 - An Empirical Study on the Distance Metric in Guiding Directed Grey-box Fuzzing ✓
- 2024 - Exploring the Adoption of Fuzz Testing in Open-Source Software: A Case Study of the Go Community ✓
- 2024 - Is Stateful Fuzzing Really Challenging? ✓
- 2024 - Fuzzing Frameworks for Server-side Web Applications: A Survey ✓
- 2024 - SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing ✓
- 2024 - A Survey of Protocol Fuzzing ✓
- 2024 - Large Language Models Based Fuzzing Techniques: A Survey ✓
- 2024 - Fuzzing: Progress, Challenges, and Perspectives ✓
- 2023 - A systematic review of fuzzing ✓
- 2023 - An Empirical Study on AST-level mutation-based fuzzing techniques for JavaScript Engines ✓
- 2023 - Software Bug Detection: Challenges and Synergies ✓
- 2023 - Demystify the Fuzzing Methods: A Comprehensive Survey ✓
- 2023 - The Human Side of Fuzzing: Challenges Faced by Developers During Fuzzing Activities ✓
- 2023 - ASanity: On Bug Shadowing by Early ASan Exits ✓
- 2023 - A Case Study on Fuzzing Satellite Firmware ✓
- 2023 - Fuzzing the Latest NTFS in Linux with Papora: An Empirical Study ✓
- 2023 - Fuzzing REST APIs for Bugs: An Empirical Analysis ✓
- 2023 - Automated Binary Analysis: A Survey ✓
- 2023 - Fuzzers for stateful systems: Survey and Research Directions ✓
- 2022 - Detecting Vulnerability on IoT Device Firmware: A Survey ✓
- 2022 - Fuzzing of Embedded Systems: A Survey ✓
- 2022 - Embedded Fuzzing: a Review of Challenges, Tools, and Solutions ✓
- 2022 - An empirical study of vulnerability discovery methods over the past ten years ✓
- 2022 - Fuzzing vulnerability discovery techniques: Survey, challenges and future directions ✓
- 2022 - Fuzzing: A Survey for Roadmap ✓
- 2022 - How Long Do Vulnerabilities Live in the Code? A Large-Scale Empirical Measurement Study on FOSS Vulnerability Lifetimes ✓
- 2021 - Protocol Reverse-Engineering Methods and Tools: A Survey ✓
- 2021 - Exploratory Review of Hybrid Fuzzing for Automated Vulnerability Detection ✓
- 2021 - A Systematic Review of Network Protocol Fuzzing Techniques ✓
- 2021 - Vulnerability Detection is Just the Beginning ✓
- 2021 - Evaluating Synthetic Bugs ✓
- 2020 - A Practical, Principled Measure of Fuzzer Appeal: A Preliminary Study ✓
- 2020 - A Systemic Review of Kernel Fuzzing ✓
- 2020 - A Survey of Hybrid Fuzzing based on Symbolic Execution ✓
- 2020 - A Study on Using Code Coverage Information Extracted from Binary to Guide Fuzzing ✓
- 2020 - Study of Security Flaws in the Linux Kernel by Fuzzing ✓
- 2020 - Dynamic vulnerability detection approaches and tools: State of the Art ✓
- 2020 - Fuzzing: Challenges and Reflections ✓
- 2020 - The Relevance of Classic Fuzz Testing: Have We Solved This One? ✓
- 2020 - SoK: All You Ever Wanted to Know About x86/x64 Binary Disassembly But Were Afraid to Ask ✓
- 2020 - A Quantitative Comparison of Coverage-Based Greybox Fuzzers ✓
- 2020 - A Survey of Security Vulnerability Analysis, Discovery, Detection, and Mitigation on IoT Devices ✓
- 2020 - A systematic review of fuzzing based on machine learning techniques ✓
- 2019 - A Survey of Binary Code Similarity ✓
- 2019 - The Art, Science, and Engineering of Fuzzing: A Survey ✓
- 2012 - Regression testing minimization, selection and prioritization: a survey ✓