{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T17:23:23Z","timestamp":1751649803855,"version":"3.41.0"},"publisher-location":"Cham","reference-count":42,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319308395"},{"type":"electronic","value":"9783319308401"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-30840-1_16","type":"book-chapter","created":{"date-parts":[[2016,3,9]],"date-time":"2016-03-09T14:15:22Z","timestamp":1457532922000},"page":"246-261","source":"Crossref","is-referenced-by-count":7,"title":["Improving Fuzzing Using Software Complexity Metrics"],"prefix":"10.1007","author":[{"given":"Maksim O.","family":"Shudrak","sequence":"first","affiliation":[]},{"given":"Vyacheslav V.","family":"Zolotarev","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,3,10]]},"reference":[{"key":"16_CR1","unstructured":"NIST National Vulnerability Database. http:\/\/nvd.nist.gov"},{"key":"16_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"202","DOI":"10.1007\/978-3-540-69149-5_22","volume-title":"Verified Software: Theories, Tools, Experiments","author":"G Balakrishnan","year":"2008","unstructured":"Balakrishnan, G., Reps, T., Melski, D., Teitelbaum, T.: WYSINWYX: what you see is not what you execute. In: Meyer, B., Woodcock, J. (eds.) VSTTE 2005. LNCS, vol. 4171, pp. 202\u2013213. Springer, Heidelberg (2008)"},{"key":"16_CR3","unstructured":"Sulley Fuzzing Framework. http:\/\/code.google.com\/p\/sulley\/"},{"key":"16_CR4","unstructured":"Peach Fuzzing Framework. http:\/\/peachfuzzer.com\/"},{"issue":"1","key":"16_CR5","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1145\/2090147.2094081","volume":"10","author":"P Godefroid","year":"2012","unstructured":"Godefroid, P., Levin, M.Y., Molnar, D.: SAGE: whitebox fuzzing for security testing. Queue 10(1), 20 (2012)","journal-title":"Queue"},{"key":"16_CR6","unstructured":"Miller, C.: Fuzz by number. In: CanSecWest (2008)"},{"key":"16_CR7","doi-asserted-by":"crossref","unstructured":"Woo, M., Cha, S.K., Gottlieb, S., Brumley, D.: Scheduling black-box mutational fuzzing. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 511\u2013522. ACM (2013)","DOI":"10.1145\/2508859.2516736"},{"key":"16_CR8","unstructured":"Duran, D., Weston, D., Miller, M.: Targeted taint driven fuzzing using software metrics. In: CanSecWest (2011)"},{"key":"16_CR9","series-title":"Lecture Notes in Business Information Processing","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-3-642-05085-5_6","volume-title":"Semantic Methods for Execution-level Business Process Modeling","author":"IM Weber","year":"2009","unstructured":"Weber, I.M.: Evaluation. In: Weber, I.M. (ed.) Semantic Methods for Execution-level Business Process Modeling. LNBIP, vol. 40, pp. 203\u2013225. Springer, Heidelberg (2009)"},{"key":"16_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1007\/11836810_25","volume-title":"Information Security","author":"G Banks","year":"2006","unstructured":"Banks, G., Cova, M., Felmetsger, V., Almeroth, K.C., Kemmerer, R.A., Vigna, G.: SNOOZE: toward a stateful NetwOrk prOtocol fuzZEr. In: Katsikas, S.K., L\u00f3pez, J., Backes, M., Gritzalis, S., Preneel, B. (eds.) ISC 2006. LNCS, vol. 4176, pp. 343\u2013358. Springer, Heidelberg (2006)"},{"issue":"3","key":"16_CR11","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1016\/j.sysarc.2010.03.002","volume":"57","author":"HC Kim","year":"2011","unstructured":"Kim, H.C., Choi, Y.H., Lee, D.H.: Efficient file fuzz testing using automated analysis of binary file format. J. Syst. Architect. 57(3), 259\u2013268 (2011)","journal-title":"J. Syst. Architect."},{"key":"16_CR12","volume-title":"Fuzzing for Software Security Testing and Quality Assurance","author":"A Takanen","year":"2008","unstructured":"Takanen, A., Demott, J.D., Miller, C.: Fuzzing for Software Security Testing and Quality Assurance. Artech House, Norwood (2008)"},{"issue":"1","key":"16_CR13","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1145\/69605.2085","volume":"27","author":"VR Basili","year":"1984","unstructured":"Basili, V.R., Perricone, B.T.: Software errors and complexity: an empirical investigation. Commun. ACM 27(1), 42\u201352 (1984)","journal-title":"Commun. ACM"},{"issue":"2","key":"16_CR14","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1109\/49.46879","volume":"8","author":"TM Khoshgoftaar","year":"1990","unstructured":"Khoshgoftaar, T.M., Munson, J.C.: Predicting software development errors using software complexity metrics. IEEE J. Sel. Areas Commun. 8(2), 253\u2013261 (1990)","journal-title":"IEEE J. Sel. Areas Commun."},{"issue":"6","key":"16_CR15","doi-asserted-by":"publisher","first-page":"402","DOI":"10.1109\/TSE.2007.1015","volume":"33","author":"HM Olague","year":"2007","unstructured":"Olague, H.M., Etzkorn, L.H., Gholston, S., Quattlebaum, S.: Empirical validation of three software metrics suites to predict fault-proneness of object-oriented classes developed using highly iterative or agile software development processes. IEEE Trans. Softw. Eng. 33(6), 402\u2013419 (2007)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"16_CR16","doi-asserted-by":"publisher","DOI":"10.1002\/9780470606834","volume-title":"Software Metrics and Software Metrology","author":"A Abran","year":"2010","unstructured":"Abran, A.: Software Metrics and Software Metrology. Wiley-IEEE Computer Society, Hoboken (2010)"},{"key":"16_CR17","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1109\/TSE.1976.233837","volume":"4","author":"TJ McCabe","year":"1976","unstructured":"McCabe, T.J.: A complexity measure. IEEE Trans. Softw. Eng. 4, 308\u2013320 (1976)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"16_CR18","first-page":"647","volume-title":"A Rigorous and Practical Approach","author":"NE Fenton","year":"1997","unstructured":"Fenton, N.E., Ptleeger, S.L., Metrics, S.: A Rigorous and Practical Approach, 2nd edn, p. 647. International Thomson Computer Press, London (1997)","edition":"2"},{"key":"16_CR19","first-page":"127","volume-title":"Elements of Software Science","author":"MH Halstead","year":"1977","unstructured":"Halstead, M.H.: Elements of Software Science, p. 127. Elsevier North-Holland Inc., Amsterdam (1977)"},{"issue":"3","key":"16_CR20","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1145\/947825.947829","volume":"16","author":"WA Harrison","year":"1981","unstructured":"Harrison, W.A., Magel, K.I.: A complexity measure based on nesting level. ACM SIGPLAN Not. 16(3), 63\u201374 (1981)","journal-title":"ACM SIGPLAN Not."},{"key":"16_CR21","doi-asserted-by":"publisher","first-page":"510","DOI":"10.1109\/TSE.1981.231113","volume":"5","author":"S Henry","year":"1981","unstructured":"Henry, S., Kafura, D.: Software structure metrics based on information flow. IEEE Trans. Softw. Eng. 5, 510\u2013518 (1981)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"16_CR22","volume-title":"Measuring Software Design Quality","author":"D Card","year":"1990","unstructured":"Card, D., Glass, R.: Measuring Software Design Quality. Prentice Hall, Englewood Cliffs (1990)"},{"key":"16_CR23","first-page":"52","volume-title":"Software Engineering Metrics I","author":"EI Oviedo","year":"1993","unstructured":"Oviedo, E.I.: Control flow, data flow and program complexity. In: Shepperd, M. (ed.) Software Engineering Metrics I, pp. 52\u201365. McGraw-Hill, Inc., New York (1993)"},{"key":"16_CR24","doi-asserted-by":"crossref","unstructured":"Chapin, N.: An entropy metric for software maintainability. In: Vol. II: Software Track, Proceedings of the Twenty-Second Annual Hawaii International Conference on System Sciences, vol. 2, pp. 522\u2013523. IEEE (1989)","DOI":"10.1109\/HICSS.1989.48047"},{"key":"16_CR25","unstructured":"Lifecycle, S.D.: List of banned syscalls. https:\/\/msdn.microsoft.com\/en-us\/library\/bb288454.aspx"},{"key":"16_CR26","unstructured":"Intel Pin: A Dynamic Binary Instrumentation Tool. http:\/\/software.intel.com\/en-us\/articles\/pin-a-dynamic-binary-instrumentation-tool"},{"key":"16_CR27","unstructured":"Vulnerable applications, exploits database. http:\/\/www.exploit-db.com\/"},{"key":"16_CR28","unstructured":"The set of tools, experimental results, the list of selected applications. https:\/\/github.com\/MShudrak\/ida-metrics"},{"key":"16_CR29","unstructured":"Detailed results of experiments for each application. https:\/\/goo.gl\/3dRMEx"},{"key":"16_CR30","unstructured":"Zzuf fuzzer. http:\/\/caca.zoy.org\/wiki\/zzuf"},{"key":"16_CR31","unstructured":"CERT fuzzer. https:\/\/www.cert.org\/vulnerability-analysis\/tools\/bff.cfm?"},{"key":"16_CR32","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software (2005)"},{"issue":"6","key":"16_CR33","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1145\/1379022.1375607","volume":"43","author":"P Godefroid","year":"2008","unstructured":"Godefroid, P., Kiezun, A., Levin, M.Y.: Grammar-based whitebox fuzzing. ACM SIGPLAN Not. 43(6), 206\u2013215 (2008). ACM","journal-title":"ACM SIGPLAN Not."},{"key":"16_CR34","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 317\u2013331. IEEE (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"16_CR35","doi-asserted-by":"crossref","unstructured":"Ganesh, V., Leek, T., Rinard, M.: Taint-based directed whitebox fuzzing. In: IEEE 31st International Conference on Software Engineering, ICSE 2009, pp. 474\u2013484. IEEE (2009)","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"16_CR36","doi-asserted-by":"crossref","unstructured":"Sparks, S., Embleton, S., Cunningham, R., Zou, C.: Automated vul-nerability analysis: leveraging control flow for evolutionary input crafting. In: Twenty-Third Annual Computer Security Applications Conference, ACSAC 2007, pp. 477\u2013486. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.4413013"},{"key":"16_CR37","unstructured":"Seagle Jr., R.L.: A framework for file format fuzzing with genetic algorithms. Ph.D. thesis, University of Tennessee, Knoxville (2012)"},{"key":"16_CR38","volume-title":"The Art of Software Testing","author":"GJ Myers","year":"2011","unstructured":"Myers, G.J., Sandler, C., Badgett, T.: The Art of Software Testing. Wiley, Hoboken (2011)"},{"issue":"11","key":"16_CR39","doi-asserted-by":"publisher","first-page":"1318","DOI":"10.1109\/32.41326","volume":"15","author":"LA Clarke","year":"1989","unstructured":"Clarke, L.A., Podgurski, A., Richardson, D.J., Zeil, S.J.: A formal evaluation of data flow path selection criteria. IEEE Trans. Softw. Eng. 15(11), 1318\u20131332 (1989)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"16_CR40","doi-asserted-by":"crossref","unstructured":"Tsankov, P., Dashti, M.T., Basin, D.: Semi-valid input coverage for fuzz testing. In: Proceedings of the 2013 International Symposium on Software Testing and Analysis, pp. 56\u201366. ACM (2013)","DOI":"10.1145\/2483760.2483787"},{"key":"16_CR41","unstructured":"Iozzo, V.: 0-knowledge fuzzing. http:\/\/resources.sei.cmu.edu\/asset files\/WhitePaper\/2010_ 019_001_53555.pdf"},{"key":"16_CR42","unstructured":"Rebert, A., Cha, S.K., Avgerinos, T., Foote, J., Warren, D., Grieco, G., Brumley, D.: Optimizing seed selection for fuzzing. In: Proceedings of the USENIX Security Symposium, pp. 861\u2013875 (2014)"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology - ICISC 2015"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-30840-1_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T18:13:22Z","timestamp":1748801602000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-30840-1_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319308395","9783319308401"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-30840-1_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}