it to other platforms is straightforward. Recently, test generation techniques have been successfully employed to augment existing specifications of intended program behavior, to improve the generalizability of program synthesis and repair. Abstract: Greybox fuzzing has made impressive progress in recent years, evolving from heuristics-based random mutation to approaches for solving individual path constraints. On the one hand, they fail to consider the execution contexts of thread interleavings, which can miss real data races in specific runtime contexts. We model the multi-objective optimization process as a multi-player multi-armed bandit (MPMAB). To demonstrate the effectiveness of the extracted constraints, DocTer uses the constraints to enable the automatic generation of valid and invalid inputs to test DL API functions. Unfortunately, alternative exploration strategies that have been proposed in the past to capture the program state are of little help in practice, as they immediately result in a state explosion. Valuable exploration directions are learned from the seeds, so the later fuzzing process can reach deep paths in the program state space earlier and more easily. Finally, we use our approach to test the effectiveness of an invariant-based defence system for the water treatment plant, finding two attacks that were not detected by its physical invariant checks, highlighting a potential weakness that could be exploited in certain conditions. We investigate 28 state-of-the-art fuzzers (82% published after 2019) closely related to DGF, which have various directed types and optimization techniques. The most exposed and vulnerable parts of these environments are the APIs published to the executed untrusted JavaScript programs. However, researchers focus on improving efficiency while ignoring the increasing cost of testing resources.
Even though it is a property verification technique, its common usage in practice is in bug finding, that is, finding violations of temporal properties. Abstract: Kernel drivers are a critical part of the attack surface since they constitute a large fraction of the kernel codebase and oftentimes lack proper vetting, especially closed-source ones. to generate semantically and temporally valid complex driving scenarios (sequences of scenes). In addition, it is still unclear how their key technical components, and whether other factors, impact their performance. They cover 8% and 17% more branches, and trigger 79% and 52% more unique crashes. The method first builds a rule-based state machine model as a formal description of the states of a network protocol. In this article, we propose an approach, namely Duo, which combines fuzzing techniques and differential testing techniques to generate input and evaluate corresponding output. In this paper, we present FADATest, which devises several novel techniques to address these challenges. Abstract: Greybox fuzzing has been widely used in stateless programs and has achieved great success. Abstract: Directed greybox fuzzing is an augmented fuzzing technique intended for targeted usages such as crash reproduction and proof-of-concept generation, which gives directedness to fuzzing by driving the seeds toward designated program locations called target sites. However, existing fuzzing approaches are very limited in testing error handling code, because some of this code can only be triggered by occasional errors (such as insufficient memory and network-connection failures), not by specific inputs. We design and develop Diane, a tool that combines static and dynamic analysis to find fuzzing triggers in Android companion apps, and then uses them to fuzz IoT devices automatically.
To ensure the interoperability of JS programs across different platforms, the implementation of a JS engine should conform to the ECMAScript standard. It first collects all interfaces in target services and uncovers deeply nested multi-level interfaces to test. We compare xFuzz with three state-of-the-art tools on 7,391 contracts. A classic measure of information is Shannon's entropy. We call this approach Bonsai Fuzzing. More specifically, FreeFuzz obtains code/models from three different sources: 1) code snippets from the library documentation, 2) library developer tests, and 3) DL models in the wild. We present Juliet Dynamic to measure the accuracy of dynamic bug detection tools. Such an end-to-end approach is made possible by natural-language processing (NLP) based information extraction and a semantics-based fuzzing process guided by such information. For example, with our extension, a fuzzer is able to play and solve games such as Super Mario Bros. or resolve more complex patterns such as hash map lookups. This has forced protocol designers to make choices that affect the complexity of DTLS, and to incorporate features that need not be addressed in the numerous TLS analyses. Zest converts random-input generators into deterministic parametric generators. Most (63) of the 94 bugs were previously unknown, 54 of which have been fixed or confirmed by developers after we reported them. Abstract: Unlike traditional software, smart contracts have a unique organization in which a sequence of transactions shares persistent states. In this thesis, we present emmutaler, a set of tools to enable fuzzing of the iPhone boot loader. Additionally, HFL achieves 14% higher code coverage than Syzkaller, and over S2E/TriforceAFL it achieves even eight times better coverage, using the same amount of resources (CPU, time, etc.).
Using BaseSAFE, we were able to find memory corruptions including heap out-of-bounds writes using our proof-of-concept fuzzing harness in the MediaTek cellular baseband. We found problems in every evaluation we considered. AFLNET is seeded with a corpus of recorded message exchanges between the server and an actual client. For instance, although seemingly new crashes involving previously unexplored paths may be discovered, these often have the same root cause and actually correspond to the same bug. Experimental results demonstrate that Berry outperforms four state-of-the-art fuzzers, including the directed fuzzers BugRedux, AFLGo and Lolly, and the undirected hybrid fuzzer QSYM. We incorporate our analyzer into NTFUZZ, a type-aware Windows kernel fuzzing framework. Thus, fuzzing, proven to be an effective and practical approach, becomes a preferable choice, as it does not need much knowledge about a target. To highlight the detection capability and practical impacts of MEDS, we evaluated it and compared it to Google's state-of-the-art detection tool, AddressSanitizer. Abstract: Greybox fuzzing is an effective method for software testing. We also explore combining different coverage metrics through cross-seeding, and the result is very encouraging: this pure fuzzing-based approach can crash at least the same number of binaries in the CGC dataset as a previous approach (Driller) that combines fuzzing and concolic execution. IIoT vulnerability analysis has become a major issue because complex, skillful cyber-attacks on CPS systems exploit their zero-day vulnerabilities. To perform our security analysis, we created RUSTY, which performs bug fuzzing based on the combination of concolic testing and property-based testing. That effort found no smoking guns indicating major test/fuzz weaknesses.
Additionally, we found 15 previously unknown bugs in mjs (a lightweight JavaScript engine for embedded systems) and Intel XED (Intel X86 Encoder Decoder) during the experiments, and 1 new CVE in Radare2 (a popular reverse engineering framework). Fuzz testing turns bug finding into a probabilistic search, but current practices restrict themselves to one dimension only (sequential executions). Our framework takes as input a sequential program written in C, and an LTL property. This approach can greatly reduce the TTE for a specific bug, but such special-purpose fuzzers can then greatly underapproximate overall bug coverage. We implemented our approach as an extension to AFL, named Superion, and evaluated the effectiveness of Superion on real-life large-scale programs (an XML engine, libplist, and three JavaScript engines, WebKit, JerryScript and ChakraCore). Abstract: Rogue base stations are an effective attack vector. We present the key insight that mutations in the untyped parameter domain map to structural mutations in the input domain. In 2020 alone, over This allows us to recombine aspects of interesting inputs that were learned individually, and to dramatically increase the probability that any generated input will be accepted by the parser. How to effectively mutate the seed input plays a crucial role in improving the efficiency of fuzzing. We also use LipFuzzer to evaluate both the Amazon Alexa and Google Assistant vApp platforms. This approach effectively covers the input space: evaluated on five subjects, from CSV files to JavaScript, our pFuzzer prototype covers more tokens than both random-based and constraint-based approaches, while requiring no symbolic analysis and far fewer tests than random fuzzers. All these results confirm the practicality of our system as a kernel fuzzer.
Experiments show that after only an hour of fuzzing, UnTracer's average overhead is below 1%, and after 24 hours of fuzzing, UnTracer approaches 0% overhead, while tracing every test case with the popular white- and black-box binary tracers AFL-Clang, AFL-QEMU, and AFL-Dyninst incurs overheads of 36%, 612%, and 518%, respectively. The empirical results show that the proposed extension gives users the chance to improve fuzzing effectiveness and efficiency by configuring the framework specifically for each target component. Traditional fuzzing generates large numbers of random inputs, which however are unlikely to contain keywords and other specific inputs of non-trivial input languages. In this paper, we design UltraFuzz, a fuzzer for resource-saving in distributed fuzzing.

Developing a Framework for Fair Evaluation and Comparison of Fuzzers (2021)
Evaluating Code Coverage for Kernel Fuzzers via Function Call Graph (Access 2021)
A Tight Integration of Symbolic Execution and Fuzzing (short paper 2021)
DeltaFuzz: Historical Version Information Guided Fuzz Testing (Journal of Computer Science and Technology 2021)
ovAFLow: Detecting Memory Corruption Bugs with Fuzzing-based Taint Inference (Journal of Computer Science and Technology 2021)
Machine Learning Guided Cross-Contract Fuzzing (2021)
SANRAZOR: Reducing Redundant Sanitizer Checks in C/C++ Programs (OSDI 2021)
webFuzz: Grey-Box Fuzzing for Web Applications (ESORICS 2021)
Vulnerability-Oriented Fuzz Testing for Connected Autonomous Vehicle Systems (IEEE Transactions on Reliability 2021)
Duo: Differential Fuzzing for Deep Learning Operators (IEEE Transactions on Reliability 2021)
Rtkaller: State-aware Task Generation for RTOS Fuzzing (EMSOFT 2021)
Neural Network Guided Evolutionary Fuzzing for Finding Traffic Violations of Autonomous Vehicles (arXiv 2021)
Fuzzing: Cyberphysical System Testing for Security and Dependability (Computer 2021)
ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-type vulnerabilities (Cybersecurity 2021)
ICPFuzzer: proprietary communication protocol fuzzing by using machine learning and feedback strategies (Cybersecurity 2021)
Hashing Fuzzing: Introducing Input Diversity to Improve Crash Detection (TSE 2021)
KCFuzz: Directed Fuzzing Based on Keypoint Coverage (ICAIS 2021)
SHFuzz: A hybrid fuzzing method assisted by static analysis for binary programs (China Communications 2021)
RapidFuzz: Accelerating fuzzing via Generative Adversarial Networks (Neurocomputing 2021)
HFContractFuzzer: Fuzzing Hyperledger Fabric Smart Contracts for Vulnerability Detection (EASE 2021)
Fuzzing With Optimized Grammar-Aware Mutation Strategies (Access 2021)
FIRM-COV: High-Coverage Greybox Fuzzing for IoT Firmware via Optimized Process Emulation (Access 2021)
Extended grammar-based fuzzing algorithm for JavaScript Engines (2021)
CoCoFuzzing: Testing Neural Code Models with Coverage-Guided Fuzzing (2021)
FUZZOLIC: Mixing fuzzing and concolic execution (Computers & Security 2021)
DirectFuzz: Automated Test Generation for RTL Designs using Directed Graybox Fuzzing (DAC 2021)
CollabFuzz: A Framework for Collaborative Fuzzing (EuroSec 2021)
HDR-Fuzz: Detecting Buffer Overruns using AddressSanitizer Instrumentation and Fuzzing (2021)
Unleashing Fuzzing Through Comprehensive, Efficient, and Faithful Exploitable-Bug Exposing (2021)
Improving Web Application Vulnerability Detection Leveraging Ensemble Fuzzing (ENASE 2021)
Coverage-guided binary fuzzing with rev.ng and llvm libfuzzer
An Empirical Study of OSS-Fuzz Bugs (MSR 2021)
MooFuzz: Many-Objective Optimization Seed Schedule for Fuzzer (Mathematics 2021)
PMFuzz: Test Case Generation for Persistent Memory Programs (ASPLOS 2021)
A Priority Based Path Searching Method for Improving Hybrid Fuzzing (Computers & Security 2021)
CMFuzz: context-aware adaptive mutation for fuzzers (Empirical Software Engineering 2021)
Refined Grey-Box Fuzzing with Sivo (arXiv 2021)
Constructing More Complete Control Flow Graphs Utilizing Directed Gray-Box Fuzzing (MDPI 2021)
Symbolic Security Predicates: Hunt Program Weaknesses (ISPRAS Open 2021)
Towards Symbolic Pointers Reasoning in Dynamic Symbolic Execution (IVMEM 2021)
FREEDOM: Engineering a State-of-the-Art DOM Fuzzer
SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback
BigFuzz: Efficient Fuzz Testing for Data Analytics using Framework Abstraction
MoFuzz: A Fuzzer Suite for Testing Model-Driven Software Engineering Tools
Zeror: Speed Up Fuzzing with Coverage-sensitive Tracing and Scheduling
Generating Highly-structured Input Data by Combining Search-based Testing and Grammar-based Fuzzing
Active Fuzzing for Testing and Securing Cyber-Physical Systems
Learning Input Tokens for Effective Fuzzing
WEIZZ: Automatic Grey-Box Fuzzing for Structured Binary Formats
Fuzzing: On the Exponential Cost of Vulnerability Discovery
Boosting Fuzzer Efficiency: An Information Theoretic Perspective
CrFuzz: Fuzzing Multi-purpose Programs through Input Validation
Detecting Critical Bugs in SMT Solvers using Blackbox Mutational Fuzzing
MTFuzz: Fuzzing with a Multi-task Neural Network
DPIFuzz: A Differential Fuzzing Framework to Detect DPI Elusion Strategies for QUIC
Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing
OmniFuzz: A Flexible Framework for Expediting Bug Finding by Leveraging Past (Mis-)Behavior to Discover New Bugs
Validating SMT Solvers via Semantic Fusion
Analysis of DTLS Implementations Using Protocol State Fuzzing
Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets
SpecFuzz: Bringing Spectre-type vulnerabilities to the surface
MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs
Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer
FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning
ParmeSan: Sanitizer-guided Greybox Fuzzing
EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit
FANS: Fuzzing Android Native System Services via Automated Interface Analysis
Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation
AFL++: Combining Incremental Steps of Fuzzing Research (USENIX WOOT 2020)
Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities
Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference
JVM Fuzzing for JIT-Induced Side-Channel Detection
Targeted Greybox Fuzzing with Static Lookahead Analysis
Fuzz Testing based Data Augmentation to Improve Robustness of Deep Neural Networks
sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts
HyDiff: Hybrid Differential Software Analysis
HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization
SAVIOR: Towards Bug-Driven Hybrid Testing
RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization
IJON: Exploring Deep State Spaces via Fuzzing
PANGOLIN: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction
KRace: Data Race Fuzzing for Kernel File Systems
Fuzzing JavaScript Engines with Aspect-preserving Mutation
ETHPLOIT: From Fuzzing to Efficient Exploit Generation against Smart Contracts
Language-Agnostic Generation of Compilable Test Programs
AFLNET: A Greybox Fuzzer for Network Protocols
Reproducible Crashes: Fuzzing Pharo by Mutating the Test Methods (IWST20 2020)
Finding race conditions in Kernels: from fuzzing to symbolic execution (2020)
BanditFuzz: Fuzzing SMT Solvers with Reinforcement Learning (2020)
Fuzzing Technique in Web Applications and Beyond (MCTE 2020)
Vulnerability Detection in SIoT Applications: A Fuzzing Method on their Binaries (IEEE Transactions on Network Science and Engineering 2020)
MaxAFL: Maximizing Code Coverage with a Gradient-Based Optimization Technique (Electronics 2020)
CSEFuzz: Fuzz Testing Based on Symbolic Execution (Access 2020)
A Quantitative Comparison of Covera (AST 2020)
Finding Bugs in File Systems with an Extensible Fuzzing Framework (TOS 2020)
ICS Protocol Fuzzing: Coverage Guided Packet Crack and Generation (DAC 2020)
Finding Security Vulnerabilities in Network Protocol Implementations (arXiv 2020)
Coverage Guided Differential Adversarial Testing of Deep Learning Systems
Fwfuzz: A code coverage-guided fuzzing framework for network protocols on firmware
Greybox Fuzzing Based on Ant Colony Algorithm
MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing
Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities
Smart seed selection-based effective black box fuzzing for IIoT protocol
RDFuzz: Accelerating Directed Fuzzing with Intertwined Schedule and Optimized Mutation
A deep convolution generative adversarial networks based fuzzing framework for industry control protocols
BaseSAFE: Baseband SAnitized Fuzzing through Emulation
Sydr: Cutting Edge Dynamic Symbolic Execution (ISPRAS Open 2020)
Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones
FuzzFactory: Domain-Specific Fuzzing with Waypoints
Compiler Fuzzing: How Much Does It Matter
NeuFuzz: Efficient Fuzzing With Deep Neural Network
LearnAFL: Greybox Fuzzing With Knowledge Enhancement
Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing
Learning to Fuzz from Symbolic Execution with Application to Smart Contracts
Matryoshka: fuzzing deeply nested branches
Different is Good: Detecting the Use of Uninitialized Variables through Differential Replay
Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters
Poster: Fuzzing IoT Firmware via Multi-stage Message Generation
NEUZZ: Efficient Fuzzing with Neural Program Smoothing
Fuzzing File Systems via Two-Dimensional Input Space Exploration
ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery
Razzer: Finding Kernel Race Bugs through Fuzzing
Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing
MOPT: Optimize Mutation Scheduling for Fuzzers
Antifuzz: impeding fuzzing audits of binary executables
EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers
GRIMOIRE: Synthesizing Structure while Fuzzing
RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Random Testing
FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation
Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing
Learning-Guided Network Fuzzing for Testing Cyber-Physical System Defences
REDQUEEN: Fuzzing with Input-to-State Correspondence
PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary
Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications
Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing
CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines
NAUTILUS: Fishing for Deep Bugs with Grammars
DifFuzz: Differential Fuzzing for Side-Channel Analysis
Deep Differential Testing of JVM Implementations
Hunting for bugs in code coverage tools via randomized differential testing
Cerebro: Context-aware Adaptive Fuzzing for Effective Vulnerability Detection
Just Fuzz It: Solving Floating-Point Constraints Using Coverage-guided Fuzzing
DeepHunter: A Coverage-Guided Fuzz Testing Framework for Deep Neural Networks
Deferred Concretization in Symbolic Execution via Fuzzing
Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary
A Feature-Oriented Corpus for understanding, Evaluating and Improving Fuzz Testing
MemFuzz: Using Memory Accesses to Guide Fuzzing
SeqFuzzer: An Industrial Protocol Fuzzing Framework in Deep Learning Perspective
Engineering a Better Fuzzer with Synergically Integrated Optimizations
Fuzzing Error Handling Code in Device Drivers Based on Software Fault Injection
Fuzz Testing of Multithreaded Applications Based on Waiting (2019)
Leveraging Textual Specifications for Grammar-Based Fuzzing of Network Protocols (AAAI 2019)
Fuzzing JavaScript Environment APIs with Interdependent Function Calls (IFM 2019)
DeepFuzzer: Accelerated Deep Greybox Fuzzing (TDSC 2019)
CAGFuzz: Coverage-Guided Adversarial Generative Fuzzing Testing of Deep Learning Systems
Suzzer: A Vulnerability-Guided Fuzzer Based on Deep Learning
INSTRCR: Lightweight instrumentation optimization based on coverage-guided fuzz testing
HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations
Study and Comparison of General Purpose Fuzzers
Sequence coverage directed greybox fuzzing
Field-aware Evolutionary Fuzzing Based on Input Specifications and Vulnerability Metrics
Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing
Hydra: An Extensible Fuzzing Framework for Finding Semantic Bugs in File Systems
Exploring Effective Fuzzing Strategies to Analyze Communication Protocols
V-Fuzz: Vulnerability-Oriented Evolutionary Fuzzing
T-Fuzz: fuzzing by program transformation
Angora: Efficient Fuzzing by Principled Search
FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities
MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation
QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing
Hawkeye: Towards a Desired Directed Grey-box Fuzzer
Revery: From Proof-of-Concept to Exploitable
IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
Enhancing Memory Error Detection for Large-Scale Applications and Fuzz Testing
INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing
SAFL: increasing and accelerating testing coverage with symbolic execution and guided fuzzing
Singularity: Pattern Fuzzing for Worst Case Complexity
PAFL: Extend Fuzzing Optimizations of Single Mode to Industrial Parallel Mode
FOT: A Versatile, Configurable, Extensible Fuzzing Framework
DLFuzz: Differential Fuzzing Testing of Deep Learning Systems
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection
FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage
Differential Program Analysis with Fuzzing and Symbolic Execution
Badger: Complexity Analysis with Fuzzing and Symbolic Execution
PerfFuzz: Automatically Generating Pathological Inputs
TIFF: Using Input Type Inference To Improve Fuzzing
A Heuristic Framework to Detect Concurrency Vulnerabilities
RFUZZ: Coverage-Directed Fuzz Testing of RTL on FPGAs
FuzzerGym: A Competitive Framework for Fuzzing and Learning
MTF-Storm: a high performance fuzzer for Modbus-TCP
NEZHA: Efficient Domain-Independent Differential Testing
Skyfire: Data-Driven Seed Generation for Fuzzing
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels
CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems
Designing New Operating Primitives to Improve Fuzzing Performance
DIFUZE: Interface aware fuzzing for kernel drivers
SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits
SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities
VUzzer: Application-aware Evolutionary Fuzzing
Steelix: Program-State Based Binary Fuzzing
Learn&Fuzz: Machine Learning for Input Fuzzing
In-memory fuzzing for binary code similarity analysis
Chizpurfle: A Gray-Box Android Fuzzer for Vendor Service Customizations
Bbuzz: A Bit-aware Fuzzing Framework for Network Protocol Systematic Reverse Engineering and Analysis
Coverage-based Greybox Fuzzing as Markov Chain
Systematic Fuzzing and Testing of TLS Libraries
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
Coverage-Directed Differential Testing of JVM Implementations
Protocol State Fuzzing of TLS Implementations
Test Data Generation for Stateful Network Protocol Fuzzing Using a Rule-Based State Machine
PULSAR: Stateful Black-Box Fuzzing of Proprietary Network Protocols
A Modbus-TCP Fuzzer for testing internetworked industrial systems
AutoFuzz: Automated Network Protocol Fuzzing Framework
T-Reqs: HTTP Request Smuggling with Differential Fuzzing (CCS 2021)
DiFuzzRTL: Differential Fuzz Testing to Find CPU Bug (S&P 2021)
DPIFuzz: A Differential Fuzzing Framework to Detect DPI Elusion Strategies for QUIC (ACSAC 2020)
Coverage Guided Differential Adversarial Testing of Deep Learning Systems (TNSE 2020)
HyDiff: Hybrid Differential Software Analysis (ICSE 2020)
DifFuzz: Differential Fuzzing for Side-Channel Analysis (ICSE 2019)
Deep Differential Testing of JVM Implementations (ICSE 2019)
Hunting for bugs in code coverage tools via randomized differential testing (ICSE 2019)
Different is Good: Detecting the Use of Uninitialized Variables through Differential Replay (CCS 2019)
Differential Program Analysis with Fuzzing and Symbolic Execution (ASE 2018)
DLFuzz: Differential Fuzzing Testing of Deep Learning Systems (FSE 2018)
NEZHA: Efficient Domain-Independent Differential Testing (S&P 2017)
Coverage-Directed Differential Testing of JVM Implementations (PLDI 2016)
FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing (USENIX Security 2022)
On the Reliability of Coverage-Based Fuzzer Benchmarking (ICSE 2022)
FuzzBench: An Open Fuzzer Benchmarking Platform and Service (FSE 2021)
Industrial Oriented Evaluation of Fuzzing Techniques (ICST 2021)
UNIFUZZ: A Holistic and Pragmatic Metrics-Driven Platform for Evaluating Fuzzers (USENIX Security 2021)
Fuzzing: On the Exponential Cost of Vulnerability Discovery (FSE 2020)
A Feature-Oriented Corpus for understanding, Evaluating and Improving Fuzz Testing (ASIACCS 2019)
Be Sensitive and Collaborative: Analyzing Impact of Coverage Metrics in Greybox Fuzzing (RAID 2019)
Study and Comparison of General Purpose Fuzzers (2019)
InstruGuard: Find and Fix Instrumentation Errors for Coverage-based Greybox Fuzzing (ASE 2021)
RIFF: Reduced Instruction Footprint for Coverage-Guided Fuzzing (USENIX ATC 2021)
RetroWrite: Statically Instrumenting COTS Binaries for Fuzzing and Sanitization (S&P 2020)
INSTRCR: Lightweight instrumentation optimization based on coverage-guided fuzz testing (CCET 2019)
Full-speed Fuzzing: Reducing Fuzzing Overhead through Coverage-guided Tracing (S&P 2019)
Poster: Fuzzing IoT Firmware via Multi-stage Message Generation (CCS 2019)
INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing (NDSS 2018 workshop)
ICS3Fuzzer: A Framework for Discovering Protocol Implementation Bugs in ICS Supervisory Software by Fuzzing (ACSAC 2021)
Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms (ACSAC 2021)
ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing (ISSTA 2021)
TCP-Fuzz: Detecting Memory and Semantic Bugs in TCP Stacks with Fuzzing (USENIX ATC 2021)
DIANE: Identifying Fuzzing Triggers in Apps to Generate Under-constrained Inputs for IoT Devices (S&P 2020)
Snipuzz: Black-box Fuzzing of IoT Firmware via Message Snippet Inference (CCS 2021)
Learning-Based Fuzzing of IoT Message Brokers (ICST 2021)
Analysis of DTLS Implementations Using Protocol State Fuzzing (USENIX Security 2020)
Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets (USENIX Security 2020)
AFLNET: A Greybox Fuzzer for Network Protocols (ICST 2020)
BaseSAFE: Baseband SAnitized Fuzzing through Emulation (WiSec 2020)
Smart seed selection-based effective black box fuzzing for IIoT protocol (2020)
Fwfuzz: A code coverage-guided fuzzing framework for network protocols on firmware (2020)
Poster: Fuzzing IoT Firmware via Multi-stage Message Generation (CCS 2019 Poster)
SeqFuzzer: An Industrial Protocol Fuzzing Framework in Deep Learning Perspective (ICST 2019)
SPFuzz: A Hierarchical Scheduling Framework for Stateful Network Protocol Fuzzing (IEEE Access 2019)
HFuzz: Towards automatic fuzzing testing of NB-IoT core network protocols implementations (FGCS 2019)
FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation (USENIX Security 2019)
Exploring Effective Fuzzing Strategies to Analyze Communication Protocols (FEAST 2019)
MTF-Storm: a high performance fuzzer for Modbus/TCP (ETFA 2018)
IoTFuzzer: Discovering Memory Corruptions in IoT Through App-based Fuzzing (NDSS 2018)
Bbuzz: A Bit-aware Fuzzing Framework for Network Protocol Systematic Reverse Engineering and Analysis (MCC 2017)
Test Data Generation for Stateful Network Protocol Fuzzing Using a Rule-Based State Machine (2016)
A Modbus-TCP Fuzzer for testing internetworked industrial systems (ETFA 2015)
Protocol State Fuzzing of TLS Implementations (USENIX Security 2015)
PULSAR: Stateful Black-Box Fuzzing of Proprietary Network Protocols (Springer, Cham, 2015)
SECFUZZ: Fuzz-testing Security Protocols (AST 2012)
AutoFuzz: Automated Network Protocol Fuzzing Framework (IJCSNS 2010)
Fuzzing SMT Solvers via Two-Dimensional Input Space Exploration (ISSTA 2021)
Detecting Critical Bugs in SMT Solvers using Blackbox Mutational Fuzzing (FSE 2020)
On the Unusual Effectiveness of Type-aware Mutations for Testing SMT Solvers (2020)
Validating SMT Solvers via Semantic Fusion (PLDI 2020)
Automatically Testing String Solvers (ICSE 2020)
Language-Agnostic Generation of Compilable Test Programs (ICST 2020)
StringFuzz: A fuzzer for string solvers (CAV 2018)
Antifuzz: impeding fuzzing audits of binary executables (USENIX Security 2019)
FUZZIFICATION: Anti-Fuzzing Technique (USENIX Security 2019)
Demystifying the Dependency Challenge in Kernel Fuzzing (ICSE 2022)
Semantic-Informed Driver Fuzzing Without Both the Hardware Devices and the Emulators (ICSE 2022)
SyzScope: Revealing High-Risk Security Impacts of Fuzzer-Exposed Bugs in Linux kernel (USENIX 2022)
HEALER: Relation Learning Guided Kernel Fuzzing (SOSP 2021)
NTFUZZ: Enabling Type-Aware Kernel Fuzzing on Windows with Static Binary Analysis (S&P 2021)
HFL: Hybrid Fuzzing on the Linux Kernel (NDSS 2020)
KRace: Data Race Fuzzing for Kernel File Systems (S&P 2020)
Hydra: An Extensible Fuzzing Framework for Finding Semantic Bugs in File Systems (SOSP 2019)
Fuzzing File Systems via Two-Dimensional Input Space Exploration (S&P 2019)
Razzer: Finding Kernel Race Bugs through Fuzzing (S&P 2019)
Unicorefuzz: On the Viability of Emulation for Kernelspace Fuzzing (USENIX WOOT 2019)
MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation (USENIX Security 2018)
FUZE: Towards Facilitating Exploit Generation for Kernel Use-After-Free Vulnerabilities (USENIX Security 2018)
CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems (USENIX Security 2017)
kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels (USENIX Security 2017)
DIFUZE: Interface aware fuzzing for kernel drivers (CCS 2017)
IMF: Inferred Model-based Fuzzer (CCS 2017)
CONFETTI: Amplifying Concolic Guidance for Fuzzers (ICSE 2022)
Sequence directed hybrid fuzzing (SANER 2020)
PANGOLIN: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction (S&P 2020)
SAVIOR: Towards Bug-Driven Hybrid Testing (S&P 2020)
MEUZZ: Smart Seed Scheduling for Hybrid Fuzzing (2020)
Deferred Concretization in Symbolic Execution via Fuzzing (ISSTA 2019)
Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing (NDSS 2019)
Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing (CCS 2019)
QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing (USENIX Security 2018)
Angora: Efficient Fuzzing by Principled Search (S&P 2018), SAFL: increasing and accelerating testing coverage with symbolic execution and guided fuzzing (ICSE 2018), Driller: Argumenting Fuzzing Through Selective Symbolic Execution (NDSS 2016), Hybrid Fuzz Testing - Discovering Software Bugs via Fuzzing and Symbolic Execution (2012), One Fuzzing Strategy to Rule Them (ICSE 2022), BeDivFuzz: Integrating Behavioral Diversity into Generator-based Fuzzing (ICSE 2022), FuzzingDriver: the Missing Dictionary to Increase Code Coverage in Fuzzers (SANER 2022), PATA: Fuzzing with Path Aware Taint Analysis (S&P 2022), EMS: History-Driven Mutation for Coverage-based Fuzzing (NDSS 2022), OTA: An Operation-oriented Time Allocation Strategy for Greybox Fuzzing (SANER 2021), PathAFL: Path-Coverage Assisted Fuzzing (ASIA CCS 2020), Zeror: Speed Up Fuzzing with Coverage-sensitive Tracing and Scheduling (ASE 2020), Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization (NDSS 2020), Matryoshka: fuzzing deeply nested branches (CCS 2019), REDQUEEN: Fuzzing with Input-to-State Correspondence (NDSS2019), T-Fuzz: fuzzing by program transformation (S&P 2018), FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage (ASE 2018), VUzzer: Application-aware Evolutionary Fuzzing (NDSS 2017), Cooper: Testing the Binding Code of Scripting Languages with Cooperative Mutation (NDSS 2022), SoFi: Reflection-Augmented Fuzzing for JavaScript Engines (CCS 2021), V-SHUTTLE: Scalable and Semantics-Aware Hypervisor Fuzzing (CCS 2021), Gramatron: Effective Grammar-Aware Fuzzing (ISSTA 2021), One Engine to Fuzz em All: Generic Language Processor Testing with Semantic Validation (S&P 2021), Automated Conformance Testing for JavaScript Engines via Deep Compiler Fuzzing (PLDI 2021), Growing A Test Corpus with Bonsai Fuzzing (ICSE 2021), Favocado: Fuzzing the Binding Code of JavaScript Engines Using Semantically Correct Test Cases (NDSS 2021), 
Generating Highly-structured Input Data by Combining Search-based Testing and Grammar-based Fuzzing (ASE 2020), Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer (Usenix Security2020), Fuzzing JavaScript Engines with Aspect-preserving Mutation (S&P 2020), Field-aware Evolutionary Fuzzing Based on Input Specifications and Vulnerability Metrics (2019), GRIMOIRE: Synthesizing Structure while Fuzzing (USENIX Security2019), Life after Speech Recognition: Fuzzing Semantic Misinterpretation for Voice Assistant Applications (NDSS 2019), SLF: Fuzzing without Valid Seed Inputs (ICSE 2019), Superion: Grammar-Aware Greybox Fuzzing (ICSE 2019), ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery (S&P 2019), CodeAlchemist: Semantics-Aware Code Generation to Find Vulnerabilities in JavaScript Engines (NDSS 2019), NAUTILUS: Fishing for Deep Bugs with Grammars (NDSS 2019), TIFF: Using Input Type Inference To Improve Fuzzing (ACSAC 2018), Skyfire: Data-Driven Seed Generation for Fuzzing (S&P 2017), ETHPLOIT: From Fuzzing to Efficient Exploit Generation against Smart Contracts (SANER2020), Gollum: Modular and Greybox Exploit Generation for Heap Overflows in Interpreters (CCS 2019), From proof-of-concept to exploitable (Cybersecurity 2019), Revery: From Proof-of-Concept to Exploitable (CCS 2018), SemFuzz: Semantics-based Automatic Generation of Proof-of-Concept Exploits (CCS 2017), ExploitMeter: Combining Fuzzing with Machine Learning for Automated Evaluation of Software Exploitability (PAC 2017), Towards Systematic and Dynamic Task Allocation for Collaborative Parallel Fuzzing (ASE 2021 NIER), Cupid: Automatic Fuzzer Selection for Collaborative Fuzzing (ACSAC 2020), EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers (USENIX Security2019), PAFL: Extend FuzzingOptimizations of Single Mode to Industrial Parallel Mode (ESEC/FSE 2018), ParmeSan: Sanitizer-guided Greybox Fuzzing (USENIX Security2020), Linear-time 
Temporal Logic guided Greybox Fuzzing (ICSE 2022), Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities (ICSE 2020), Binary-level Directed Fuzzing for Use-After-Free Vulnerabilities (RAID 2020), IJON: Exploring Deep State Spaces via Fuzzing (S&P 2020), MemFuzz: Using Memory Accesses to Guide Fuzzing (ICST 2019), Rust Library Fuzzing via API Dependency Graph Traversal (ASE 2021), R2Z2: Detecting Rendering Regressions in Web Browsers through Differential Fuzz Testing (ICSE 2022), FADATest: Fast and Adaptive Performance Regression Testing of Dynamic Binary Translation Systems (ICSE 2022), WindRanger: A Directed Greybox Fuzzer driven by Deviation Basic Block (ICSE 2022), BEACON: Directed Grey-Box Fuzzing with Provable Path Pruning (S&P 2022), Improving Configurability of Unit-level Continuous Fuzzing: An Industrial Case Study with SAP HANA, Constraint-guided Directed Greybox Fuzzing (USENIX Security2021), Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference (ICSE 2020), RDFuzz: Accelerating Directed Fuzzing with Intertwined Schedule and Optimized Mutation (2020), TOFU: Target-Oriented FUzzer (Arxiv 2020), Sequence coverage directed greybox fuzzing (ICPC 2019), Hawkeye: Towards a Desired Directed Grey-box Fuzzer (CCS 2018), RFUZZ: Coverage-Directed Fuzz Testing of RTL on FPGAs (ICCAD 2018), CollAFL: Path Sensitive Fuzzing (S&P 2018), Understanding and Detecting Performance Bugs in Markdown Compilers (ASE 2021), HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing (NDSS 2020), MemLock: Memory Usage Guided Fuzzing (ICSE 2020), Singularity: Pattern Fuzzing for Worst Case Complexity (FSE 2018), PerfFuzz: Automatically Generating Pathological Inputs (ISSTA 2018), Badger: Complexity Analysis with Fuzzing and Symbolic Execution (ISSTA 2018), SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities (CCS 2017), Enhancing Memory Error Detection for Large-Scale Applications 
and Fuzz Testing (NDSS 2018), AddressSanitizer: A Fast Address Sanity Checker (USENIX Security2012), MobFuzz: Adaptive Multi-objective Optimization in Gray-box Fuzzing (NDSS 2022), Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis (S&P 2022), Path Transitions Tell More: Optimizing Fuzzing Schedules via Runtime Program States (ICSE 2022), Seed Selection for Successful Fuzzing (ISSTA 2021), EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit (USENIX Security2020), MOPT: Optimize Mutation Scheduling for Fuzzers (USENIX Security2019), Cerebro: Context-aware Adaptive Fuzzing for Effective Vulnerability Detection (FSE 2019), Coverage-based Greybox Fuzzing as Markov Chain (CCS 2016), Program-Adaptive Mutational Fuzzing (S&P 2015), Evaluating and Improving Neural Program-Smoothing-based Fuzzing (ICSE 2022), Reinforcement Learning-based Hierarchical Seed Scheduling for Greybox Fuzzing (NDSS 2021), RiverFuzzRL - an open-source tool to experiment with reinforcement learning for fuzzing (ICST 2021), OmniFuzz: A Flexible Framework for Expediting Bug Finding by Leveraging Past (Mis-)Behavior to Discover New Bugs (ACSAC 2020), Learning Input Tokens for Effective Fuzzing (ISSTA 2020), MTFuzz: Fuzzing with a Multi-task Neural Network (FSE 2020), FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning (USENIX Security2020), Greybox Fuzzing Based on Ant Colony Algorithm (AINA 2020), NeuFuzz: Efficient Fuzzing With Deep Neural Network (Access 2019), LearnAFL: Greybox Fuzzing With Knowledge Enhancement (Access 2019), Learning-Guided Network Fuzzing for Testing Cyber-Physical System Defences (ASE 2019), NEUZZ: Efficient Fuzzing with Neural Program Smoothing (S&P 2019), V-Fuzz: Vulnerability-Oriented Evolutionary Fuzzing (Arxiv 2019), Compiler Fuzzing through Deep Learning (ISSTA 2018), FuzzerGym: A Competitive Framework for Fuzzing and Learning (arxiv 2018), Learn&Fuzz: Machine 
Learning for Input Fuzzing (ASE 2017), ocTer: Documentation-Guided Fuzzing for Testing Deep Learning API Functions (ISSTA 2022), Fuzzing Deep-Learning Libraries via Automated Relational API Inference (ESEC/FSE 2022), Muffin: Testing Deep Learning Libraries via Neural Architecture Fuzzing (ICSE 2022), Graph-based Fuzz Testing for Deep Learning Inference Engines (ICSE 2021), Fuzz Testing based Data Augmentation to Improve Robustness of Deep Neural Networks (ICSE 2020), CAGFuzz: Coverage-Guided Adversarial Generative Fuzzing Testing of Deep Learning Systems 2019, DeepHunter: A Coverage-Guided Fuzz Testing Framework for Deep Neural Networks (ISSTA 2019), TensorFuzz: Debugging Neural Networks with Coverage-Guided Fuzzing (ICML 2019), datAFLow: Towards a Data-Flow-Guided Fuzzer (NDSS 2022), GREYONE Data Flow Sensitive Fuzzing (USENIX Security2020), Same Coverage, Less Bloat: Accelerating Binary-only Fuzzing with Coverage-preserving Coverage-guided Tracing (CCS 2021), Scalable Fuzzing of Program Binaries with E9AFL (ASE 2021), STOCHFUZZ: Sound and Cost-effective Fuzzing of Stripped Binaries by Incremental and Stochastic Rewriting (S&P 2021), Breaking Through Binaries: Compiler-quality Instrumentation for Better Binary-only Fuzzing (USENIX Security2021), WEIZZ: Automatic Grey-Box Fuzzing for Structured Binary Formats (ISSTA 2020), Ptrix: Efficient Hardware-Assisted Fuzzing for COTS Binary (ASIACCS 2019), Steelix: Program-State Based Binary Fuzzing (FSE 2017), In-memory fuzzing for binary code similarity analysis (ASE 2017), looking for lacunae in bitcoin cores fuzzing efforts (2022), SMARTIAN : Enhancing Smart Contract Fuzzing with Static and Dynamic Data-Flow Analyses (ASE 2021), sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts (ICSE 2020), Targeted Greybox Fuzzing with Static Lookahead Analysis (ICSE 2020), Learning to Fuzz from Symbolic Execution with Application to Smart Contracts (CCS 2019), ContractFuzzer: Fuzzing Smart Contracts for Vulnerability 
Detection (ASE 2018), JIGSAW: Efficient and Scalable Path Constraints Fuzzing (S&P 2022), Just Fuzz It: Solving Floating-Point Constraints Using Coverage-guided Fuzzing (FSE 2019), QFuzz: Quantitative Fuzzing for Side Channels (ISSTA 2021), JVM Fuzzing for JIT-Induced Side-Channel Detection (ICSE 2020), ct-fuzz: Fuzzing for Timing Leaks (ICST 2020), Context-Sensitive and Directional Concurrency Fuzzing for Data-Race Detection (NDSS 2022), Fuzzing Channel-Based Concurrency Runtimes using Types and Effects Slides (OOPSLA 2021), MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs (USENIX Security2020), A Heuristic Framework to Detect Concurrency Vulnerabilities (2018), Free Lunch for Testing: Fuzzing Deep-Learning Libraries from Open Source (ICSE 2022), Combinatorial Testing of RESTful APIs (ICSE 2022), GraphFuzz: Library API Fuzzing with Lifetime-aware Dataflow Graphs (ICSE 2022), MOREST: Model-based RESTful API Testing with Execution Feedback (ICSE 2022), Automated Testing of Software that Uses Machine Learning APIs (ICSE 2022), Nessie: Automatically Testing JavaScript APIs with Asynchronous Callbacks (ICSE 2022), FuzzGen: Automatic Fuzzer Generation (USENIX Security2020), Intelligent REST API Data Fuzzing (FSE 2020), FUDGE: Fuzz Driver Generation at Scale (FSE 2019), REST-ler: Stateful REST API Fuzzing (ICSE 2019), Systematic Fuzzing and Testing of TLS Libraries (CCS 2016), CPU Fuzzing for Discovering Hardware-caused Information Leakage, Fuzzing Hardware Like Software (USENIX SEC 2022), PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary (NDSS2019), AFL: Non-intrusive Feedback-driven Fuzzing for Microcontroller Firmware (ICSE 2022), CorbFuzz: Checking Browser Security Policies with Fuzzing (ASE 2021), Fully Automated Functional Fuzzing of Android Apps for Detecting Non-crashing Logic Bugs (OOPSLA 2021), Vulnerability-Oriented Fuzz Testing for Connected Autonomous Vehicle Systems ( IEEE Transactions 
on Reliability 2021), Hardware Support to Improve Fuzzing Performance and Precision (CCS 2021), Estimating Residual Risk in Greybox Fuzzing (FSE 2021), HeteroFuzz: Fuzz Testing to Detect Platform Dependent Divergence for Heterogeneous Applications (FSE 2021), PGFUZZ: Policy-Guided Fuzzing for Robotic Vehicles (NDSS 2021), IntelliGen: Automatic Driver Synthesis for Fuzz Testing (ICSE 2021 SEIP), WINNIE: Fuzzing Windows Applications with Harness Synthesis and Fast Cloning (NDSS 2021), FREEDOM: Engineering a State-of-the-Art DOM Fuzzer (CCS 2020), SQUIRREL: Testing Database Management Systems with Language Validity and Coverage Feedback (CCS 2020), BigFuzz: Efficient Fuzz Testing for Data Analytics using Framework Abstraction (ASE 2020), MoFuzz: A Fuzzer Suite for Testing Model-Driven Software Engineering Tools (ASE 2020), AFL++ : Combining Incremental Steps of Fuzzing Research (USENIX Woot2020), Active Fuzzing for Testing and Securing Cyber-Physical Systems (ISSTA 2020), CrFuzz: Fuzzing Multi-purpose Programs through Input Validation (FSE 2020), SpecFuzz: Bringing Spectre-type vulnerabilities to the surface (USENIX Security2020), USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation (USENIX Security2020), Boosting Fuzzer Efficiency: An Information Theoretic Perspective (FSE 2020), Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection (USENIX Security2020), FANS: Fuzzing Android Native System Services via Automated Interface Analysis (USENIX Security2020), Fuzzing IPC with Knowledge Inference (SRDS 2019), HYPER-CUBE: High-Dimensional Hypervisor Fuzzing (NDSS 2020), FuzzFactory: Domain-Specific Fuzzing with Waypoints (OOPSLA 2019), Compiler Fuzzing: How Much Does It Matter (OOPSLA 2019), RVFuzzer: Finding Input Validation Bugs in Robotic Vehicles through Control-Guided Random Testing (USENIX Security2019), Engineering a Better Fuzzer with SynergicallyIntegrated Optimizations (ISSRE 2019), Fuzzing Error Handling Code in Device Drivers 
Based on Software Fault Injection (ISSRE 2019), What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (NDSS 2018), FOT: A Versatile, Configurable, Extensible Fuzzing Framework (FSE 2018), Designing New Operating Primitives to Improve Fuzzing Performance (CCS 2017), Chizpurfle: A Gray-Box Android Fuzzer for Vendor Service Customizations (ISSRE 2017), [Almost Correct Invariants: Synthesizing Inductive Invariants by Fuzzing Proofs], [Efficient Greybox Fuzzing of Applications in Linux-based IoT Devices via Enhanced User-mode Emulation], [MDPFuzz: Testing Models Solving Markov Decision Processes], [PrIntFuzz: Fuzzing Linux Drivers via Automated Virtual Device Simulation], [SLIME: Program-sensitive Energy Allocation for Fuzzing], [SnapFuzz: High-Throughput Fuzzing of Network Applications], [TensileFuzz: Facilitating Seed Input Generation in Fuzzing via String Constraint Solving], [Minerva: Browser API Fuzzing with Dynamic Mod-Ref Analysis], [RoboFuzz: Fuzzing Robotic Systems over Robot Operating System (ROS) for Finding Correctness Bugs], [SEDiff: Scope-Aware Differential Fuzzing to Test Internal Function Models in Symbolic Execution], [PATA: Fuzzing with Path Aware Taint Analysis], [FuzzUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks], [MundoFuzz: Hypervisor Fuzzing with Statistical Coverage Testing and Grammar Inference], [TheHuzz: Instruction Fuzzing of Processors Using Golden-Reference Models for Finding Software-Exploitable Vulnerabilities], [Morphuzz: Bending (Input) Space to Fuzz Virtual Devices], [FuzzOrigin: Detecting UXSS vulnerabilities in Browsers through Origin Fuzzing], [Drifuzz: Harvesting Bugs in Device Drivers from Golden Seeds], [BrakTooth: Causing Havoc on Bluetooth Link Manager via Directed Fuzzing], [AmpFuzz: Fuzzing for Amplification DDoS Vulnerabilities], [SGXFuzz: Efficiently Synthesizing Nested Structures for SGX Enclave Fuzzing], [FRAMESHIFTER: Manipulating HTTP/2 Frame Sequences with Fuzzing], [StateFuzz: System 
Call-Based State-Aware Linux Driver Fuzzing], [ROZZ: Property-based Fuzzing for Robotic Programs in ROS (ICRA 2022)].