Lemieux et al., 2017 - Google Patents
Fairfuzz: Targeting rare branches to rapidly increase greybox fuzz testing coverageLemieux et al., 2017
View PDF- Document ID
- 17752025532584693389
- Author
- Lemieux C
- Sen K
- Publication year
- Publication venue
- arXiv preprint arXiv:1709.07101
External Links
Snippet
In recent years, fuzz testing has proven itself to be one of the most effective techniques for finding correctness bugs and security vulnerabilities in practice. One particular fuzz testing tool, American Fuzzy Lop or AFL, has become popular thanks to its ease-of-use and bug …
- 241001196025 Eucalyptus moluccana 0 title description 12
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3612—Software analysis for verifying properties of programs by runtime analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3676—Test management for coverage analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3466—Performance evaluation by tracing or monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/362—Software debugging
- G06F11/3636—Software debugging by tracing the execution of the program
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
- G06F11/3608—Software analysis for verifying properties of programs using formal methods, e.g. model checking, abstract interpretation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/50—Computer-aided design
- G06F17/5009—Computer-aided design using simulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/58—Random or pseudo-random number generators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/86—Event-based monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/75—Structural analysis for program understanding
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Lemieux et al. | Fairfuzz: Targeting rare branches to rapidly increase greybox fuzz testing coverage | |
| Lemieux et al. | Fairfuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage | |
| Chen et al. | Angora: Efficient fuzzing by principled search | |
| You et al. | Profuzzer: On-the-fly input type probing for better zero-day vulnerability discovery | |
| Chen et al. | Hawkeye: Towards a desired directed grey-box fuzzer | |
| Godefroid | Fuzzing: Hack, art, and science | |
| Lemieux et al. | Perffuzz: Automatically generating pathological inputs | |
| Petsios et al. | Slowfuzz: Automated domain-independent detection of algorithmic complexity vulnerabilities | |
| Chen et al. | A systematic review of fuzzing techniques | |
| Saxena et al. | Loop-extended symbolic execution on binary programs | |
| Rawat et al. | VUzzer: Application-aware evolutionary fuzzing. | |
| Stephens et al. | Driller: Augmenting fuzzing through selective symbolic execution. | |
| Jaffar et al. | Boosting concolic testing via interpolation | |
| Yu et al. | Patching vulnerabilities with sanitization synthesis | |
| Yu et al. | Automata-based symbolic string analysis for vulnerability detection | |
| Tateishi et al. | Path-and index-sensitive string analysis based on monadic second-order logic | |
| Liang et al. | Deepfuzzer: Accelerated deep greybox fuzzing | |
| Alkhalaf et al. | Semantic differential repair for input validation and sanitization | |
| Lin et al. | Deriving input syntactic structure from execution | |
| Cai et al. | Diver: Precise dynamic impact analysis using dependence-based trace pruning | |
| Sun et al. | AFLTurbo: Speed up path discovery for greybox fuzzing | |
| Lin et al. | A priority based path searching method for improving hybrid fuzzing | |
| Lin et al. | Reverse engineering input syntactic structure from program execution and its applications | |
| Rutledge et al. | Zero-overhead path prediction with progressive symbolic execution | |
| Moy et al. | Modular bug-finding for integer overflows in the large: Sound, efficient, bit-precise static analysis |