{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,29]],"date-time":"2026-01-29T22:21:32Z","timestamp":1769725292425,"version":"3.49.0"},"publisher-location":"Cham","reference-count":31,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031757563","type":"print"},{"value":"9783031757570","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,10,17]],"date-time":"2024-10-17T00:00:00Z","timestamp":1729123200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,10,17]],"date-time":"2024-10-17T00:00:00Z","timestamp":1729123200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-75757-0_9","type":"book-chapter","created":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T11:03:12Z","timestamp":1729594992000},"page":"171-189","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["SyzLego: Enhancing Kernel Directed Greybox Fuzzing via\u00a0Dependency Inference and\u00a0Scheduling"],"prefix":"10.1007","author":[{"given":"Chengxiang","family":"Liao","sequence":"first","affiliation":[]},{"given":"Ruipeng","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Yuwei","family":"Li","sequence":"additional","affiliation":[]},{"given":"Juxing","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Yang","family":"Li","sequence":"additional","affiliation":[]},{"given":"Zulie","family":"Pan","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,10,17]]},"reference":[{"key":"9_CR1","doi-asserted-by":"crossref","unstructured":"B\u00f6hme, M., Pham, V.T., Nguyen, M.D., Roychoudhury, A.: Directed greybox fuzzing. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2329\u20132344 (2017)","DOI":"10.1145\/3133956.3134020"},{"key":"9_CR2","doi-asserted-by":"crossref","unstructured":"Chen, H., Xue, Y., Li, Y., Chen, B., Xie, X., Wu, X., Liu, Y.: Hawkeye: towards a desired directed grey-box fuzzer. In: Proceedings of the 2018 ACM SIGSAC conference on Computer and Communications Security, pp. 2095\u20132108 (2018)","DOI":"10.1145\/3243734.3243849"},{"key":"9_CR3","doi-asserted-by":"crossref","unstructured":"Corina, J., et al.: Difuze: interface aware fuzzing for kernel drivers. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 2123\u20132138 (2017)","DOI":"10.1145\/3133956.3134069"},{"key":"9_CR4","doi-asserted-by":"crossref","unstructured":"Du, Z., Li, Y., Liu, Y., Mao, B.: Windranger: a directed greybox fuzzer driven by deviation basic blocks. In: Proceedings of the 44th International Conference on Software Engineering, pp. 2440\u20132451 (2022)","DOI":"10.1145\/3510003.3510197"},{"key":"9_CR5","unstructured":"Google: syzbot. https:\/\/syzkaller.appspot.com\/upstream"},{"key":"9_CR6","unstructured":"Google: Syzkaller. https:\/\/github.com\/google\/syzkaller (2022)"},{"key":"9_CR7","unstructured":"Google: syzlang. https:\/\/github.com\/google\/syzkaller\/blob\/master\/docs\/syscall _descriptions_syntax.md (2022)"},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Hao, Y., et al.: Syzdescribe: principled, automated, static generation of syscall descriptions for kernel drivers. In: 2023 IEEE Symposium on Security and Privacy (SP), pp. 3262\u20133278. IEEE (2023)","DOI":"10.1109\/SP46215.2023.10179298"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Hetzelt, F., Radev, M., Buhren, R., Morbitzer, M., Seifert, J.P.: Via: analyzing device interfaces of protected virtual machines. In: Proceedings of the 37th Annual Computer Security Applications Conference, pp. 273\u2013284 (2021)","DOI":"10.1145\/3485832.3488011"},{"key":"9_CR10","doi-asserted-by":"crossref","unstructured":"Huang, H., Guo, Y., Shi, Q., Yao, P., Wu, R., Zhang, C.: Beacon: directed grey-box fuzzing with provable path pruning. In: 2022 IEEE Symposium on Security and Privacy (SP), pp. 36\u201350. IEEE (2022)","DOI":"10.1109\/SP46214.2022.9833751"},{"key":"9_CR11","doi-asserted-by":"crossref","unstructured":"Kim, K., Jeong, D.R., Kim, C.H., Jang, Y., Shin, I., Lee, B.: Hfl: hybrid fuzzing on the linux kernel. In: NDSS (2020)","DOI":"10.14722\/ndss.2020.24018"},{"key":"9_CR12","unstructured":"Lattner, C., Adve, V.: Llvm: a compilation framework for lifelong program analysis & transformation. In: International Symposium on Code Generation and Optimization, 2004. CGO 2004, pp. 75\u201386. IEEE (2004)"},{"key":"9_CR13","unstructured":"Lee, G., Shim, W., Lee, B.: Constraint-guided directed greybox fuzzing. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 3559\u20133576 (2021)"},{"issue":"1","key":"9_CR14","doi-asserted-by":"publisher","first-page":"168","DOI":"10.1109\/TDSC.2023.3244825","volume":"21","author":"Y Li","year":"2023","unstructured":"Li, Y., et al.: G-fuzz: a directed fuzzing framework for gVisor. IEEE Trans. Dependable Secure Comput. 21(1), 168\u2013185 (2023)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"9_CR15","doi-asserted-by":"crossref","unstructured":"Lin, Z., et al.: Grebe: unveiling exploitation potential for linux kernel bugs. In: 2022 IEEE Symposium on Security and Privacy (SP), pp. 2078\u20132095. IEEE (2022)","DOI":"10.1109\/SP46214.2022.9833683"},{"key":"9_CR16","doi-asserted-by":"crossref","unstructured":"Lu, K., Hu, H.: Where does it go? refining indirect-call targets with multi-layer type analysis. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1867\u20131881 (2019)","DOI":"10.1145\/3319535.3354244"},{"key":"9_CR17","unstructured":"Pailoor, S., Aday, A., Jana, S.: $$\\{$$MoonShine$$\\}$$: optimizing $$\\{$$OS$$\\}$$ fuzzer seed selection with trace distillation. In: 27th USENIX Security Symposium (USENIX Security 18), pp. 729\u2013743 (2018)"},{"key":"9_CR18","unstructured":"Peng, H., Payer, M.: $$\\{$$USBFuzz$$\\}$$: a framework for fuzzing $$\\{$$USB$$\\}$$ drivers by device emulation. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2559\u20132575 (2020)"},{"key":"9_CR19","unstructured":"shamir rabinovitch: net\/rds: fix warn in rds_message_alloc_sgs. https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=ea010070d0a7497253d5a6f919f6dd107450b31a (2018)"},{"key":"9_CR20","unstructured":"Robin-Pwner: Syzdirect dataset. https:\/\/github.com\/seclab-fudan\/SyzDirect\/blob\/main\/dataset\/dataset.pdf (2024), Accessed 18 Jan 2024"},{"key":"9_CR21","doi-asserted-by":"crossref","unstructured":"Song, D., et al.: Periscope: an effective probing and fuzzing framework for the hardware-os boundary. In: 2019 Network and Distributed Systems Security Symposium (NDSS), pp. 1\u201315. Internet Society (2019)","DOI":"10.14722\/ndss.2019.23176"},{"key":"9_CR22","unstructured":"Sun, H., Shen, Y., Liu, J., Xu, Y., Jiang, Y.: $$\\{$$KSG$$\\}$$: augmenting kernel fuzzing with system call specification generation. In: 2022 USENIX Annual Technical Conference (USENIX ATC 22), pp. 351\u2013366 (2022)"},{"key":"9_CR23","doi-asserted-by":"crossref","unstructured":"Sun, H., et al.: Healer: relation learning guided kernel fuzzing. In: Proceedings of the ACM SIGOPS 28th Symposium on Operating Systems Principles, pp. 344\u2013358 (2021)","DOI":"10.1145\/3477132.3483547"},{"key":"9_CR24","doi-asserted-by":"crossref","unstructured":"Tan, X., Zhang, Y., Lu, J., Xiong, X., Liu, Z., Yang, M.: Syzdirect: directed greybox fuzzing for linux kernel. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pp. 1630\u20131644 (2023)","DOI":"10.1145\/3576915.3623146"},{"key":"9_CR25","unstructured":"Wang, D., Zhang, Z., Zhang, H., Qian, Z., Krishnamurthy, S.V., Abu-Ghazaleh, N.: $$\\{$$SyzVegas$$\\}$$: beating kernel fuzzing odds with reinforcement learning. In: 30th USENIX Security Symposium (USENIX Security 21), pp. 2741\u20132758 (2021)"},{"key":"9_CR26","doi-asserted-by":"crossref","unstructured":"Wang, Y., et al.: Not all coverage measurements are equal: Fuzzing by coverage accounting for input prioritization. In: NDSS (2020)","DOI":"10.14722\/ndss.2020.24422"},{"key":"9_CR27","doi-asserted-by":"crossref","unstructured":"Xu, J., et al.: Mock: optimizing kernel fuzzing mutation with context-aware dependency. In: Proceedings of the Network and Distributed System Security Symposium (NDSS) (2024)","DOI":"10.14722\/ndss.2024.23131"},{"key":"9_CR28","unstructured":"Yang, C., Zhao, Z., Zhang, L.: Kernelgpt: enhanced kernel fuzzing via large language models. arXiv preprint arXiv:2401.00563 (2023)"},{"key":"9_CR29","unstructured":"Yuan, M., Zhao, B., Li, P., Liang, J., Han, X., Luo, X., Zhang, C.: Ddrace: finding concurrency uaf vulnerabilities in linux drivers with directed fuzzing. In: 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11 (2023)"},{"key":"9_CR30","unstructured":"Zhao, B., et al.: $$\\{$$StateFuzz$$\\}$$: System $$\\{$$Call-Based$$\\}$$$$\\{$$State-Aware$$\\}$$ linux driver fuzzing. In: 31st USENIX Security Symposium (USENIX Security 22), pp. 3273\u20133289 (2022)"},{"key":"9_CR31","unstructured":"Zong, P., Lv, T., Wang, D., Deng, Z., Liang, R., Chen, K.: $$\\{$$FuzzGuard$$\\}$$: filtering out unreachable inputs in directed grey-box fuzzing through deep learning. In: 29th USENIX security symposium (USENIX security 20), pp. 2255\u20132269 (2020)"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-75757-0_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,22]],"date-time":"2024-10-22T11:04:52Z","timestamp":1729595092000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-75757-0_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,17]]},"ISBN":["9783031757563","9783031757570"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-75757-0_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,10,17]]},"assertion":[{"value":"17 October 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Arlington, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"isw2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/isc24.cs.gmu.edu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}