Fuzzing: Art, Science, and Engineering

12/01/2018
by   Valentin J. M. Manes, et al.
0

Among the many software vulnerability discovery techniques available today, fuzzing has remained highly popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of empirical evidence in discovering real-world software vulnerabilities. While researchers and practitioners alike have invested a large and diverse effort towards improving fuzzing in recent years, this surge of work has also made it difficult to gain a comprehensive and coherent view of fuzzing. To help preserve and bring coherence to the vast literature of fuzzing, this paper presents a unified, general-purpose model of fuzzing together with a taxonomy of the current fuzzing literature. We methodically explore the design decisions at every stage of our model fuzzer by surveying the related literature and innovations in the art, science, and engineering that make modern-day fuzzers effective.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 9

09/13/2021

Data Preparation for Software Vulnerability Prediction: A Systematic Literature Review

Software Vulnerability Prediction (SVP) is a data-driven technique for s...
05/27/2020

Machine Learning for Software Engineering: A Systematic Mapping

Context: The software development industry is rapidly adopting machine l...
02/08/2019

Systematization of Vulnerability Discovery Knowledge: Review Protocol

In this report, we describe the review protocol that will guide the syst...
05/29/2019

A Boxology of Design Patterns for Hybrid Learning and Reasoning Systems

We propose a set of compositional design patterns to describe a large va...
08/29/2021

Continuous Systematic Literature Review: An Approach for Open Science

Systematic Literature Reviews (SLRs) play an important role in the Evide...
04/20/2022

Prompt Engineering for Text-Based Generative Art

Text-based generative art has seen an explosion of interest in 2021. Onl...
01/17/2018

M-STAR: A Modular, Evidence-based Software Trustworthiness Framework

Despite years of intensive research in the field of software vulnerabili...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.