{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T06:45:39Z","timestamp":1743057939328,"version":"3.40.3"},"publisher-location":"Cham","reference-count":37,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319584683"},{"type":"electronic","value":"9783319584690"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-58469-0_15","type":"book-chapter","created":{"date-parts":[[2017,5,3]],"date-time":"2017-05-03T11:34:53Z","timestamp":1493811293000},"page":"219-232","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons"],"prefix":"10.1007","author":[{"given":"MinSik","family":"Shin","sequence":"first","affiliation":[]},{"given":"JungBeen","family":"Yu","sequence":"additional","affiliation":[]},{"given":"YoungJin","family":"Yoon","sequence":"additional","affiliation":[]},{"given":"Taekyoung","family":"Kwon","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,5,4]]},"reference":[{"key":"15_CR1","unstructured":"Quicktime file format specification. https:\/\/developer.apple.com\/library\/mac\/documentation\/QuickTime\/QTFF\/QTFFPreface\/qtffPreface.html"},{"key":"15_CR2","doi-asserted-by":"crossref","unstructured":"Bekrar, S., Bekrar, C., Groz, R., Mounier, L.: Finding software vulnerabilities by smart fuzzing. In: Proceeding the IEEE International Conference on Software Testing, Verification and Validation (ICST), pp. 427\u2013430 (2011)","DOI":"10.1109\/ICST.2011.48"},{"key":"15_CR3","doi-asserted-by":"crossref","unstructured":"Bekrar, S., Bekrar, C., Groz, R., Mounier, L.: A taint based approach for smart fuzzing. In: Proceeding the IEEE International Conference on Software Testing, Verification and Validation (ICST), pp. 818\u2013825 (2012)","DOI":"10.1109\/ICST.2012.182"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"B\u00f6hme, M., Pham, V.T., Roychoudhury, A.: Coverage-based Greybox Fuzzing as Markov Chain. In: Proceeding the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 1032\u20131043 (2016)","DOI":"10.1145\/2976749.2978428"},{"key":"15_CR5","doi-asserted-by":"crossref","unstructured":"Bounimova, E., Godefroid, P., Molnar, D.: Billions and billions of constraints: whitebox fuzz testing in production. In: Proceeding the International Conference on Software Engineering (ICSE), pp. 122\u2013131 (2013)","DOI":"10.1109\/ICSE.2013.6606558"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: Proceeding the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 317\u2013329 (2007)","DOI":"10.1145\/1315245.1315286"},{"key":"15_CR7","doi-asserted-by":"crossref","unstructured":"Cadar, C., Ganesh, V., Pawlowski, P., Dill, D., Engler, D.: EXE: a system for automatically generating inputs of death using symbolic execution. In: Proceeding the ACM Conference on Computer and Communications Security (CCS) (2006)","DOI":"10.1145\/1180405.1180445"},{"key":"15_CR8","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Woo, M., Brumley, D.: Program-adaptive mutational fuzzing. In: Proceeding of the IEEE Symposium on Security and Privacy (S&P), pp. 725\u2013741 (2015)","DOI":"10.1109\/SP.2015.50"},{"key":"15_CR9","doi-asserted-by":"crossref","unstructured":"Cui, W., Peinado, M., Chen, K., Wang, H.J., Irun-Briz, L.: Tupni: automatic reverse engineering of input formats. In: Proceeding the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 391\u2013402 (2008)","DOI":"10.1145\/1455770.1455820"},{"key":"15_CR10","unstructured":"De Ruiter, J., Poll, E.: Protocol state fuzzing of TLS implementations. In: Proceeding of the USENIX Security Symposium (2015)"},{"key":"15_CR11","unstructured":"Drake, J.: Stagefright: Scary Code in the Heart of Android. BlackHat USA (2015)"},{"key":"15_CR12","unstructured":"Drake, J.J., Lanier, Z., Mulliner, C., Fora, P.O., Ridley, S.A., Wicherski, G.: Android Hacker\u2019s Handbook. Wiley (2014)"},{"key":"15_CR13","unstructured":"Eddington, M.: Peach Fuzzing Platform. http:\/\/www.peachfuzzer.com\/"},{"key":"15_CR14","doi-asserted-by":"crossref","unstructured":"Ganesh, V., Leek, T., Rinard, M.: Taint-based directed whitebox fuzzing. In: Proceeding of the International Conference on Software Engineering (ICSE), pp. 474\u2013484 (2009)","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"15_CR15","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Kiezun, A., Levin, M.Y.: Grammar-based whitebox fuzzing. In: Proceeding of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), vol. 43, pp. 206\u2013215 (2008)","DOI":"10.1145\/1379022.1375607"},{"issue":"1","key":"15_CR16","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1145\/2090147.2094081","volume":"10","author":"P Godefroid","year":"2012","unstructured":"Godefroid, P., Levin, M.Y., Molnar, D.: SAGE: whitebox fuzzing for security testing. Queue 10(1), 20 (2012)","journal-title":"Queue"},{"key":"15_CR17","unstructured":"Godefroid, P., Levin, M.Y., Molnar, D.A., et al.: Automated whitebox fuzz testing. In: Proceeding of the Network and Distributed System Security Symposium (NDSS), vol. 8, pp. 151\u2013166 (2008)"},{"key":"15_CR18","unstructured":"Holler, C., Herzig, K., Zeller, A.: Fuzzing with code fragments. In: Proceeding of the USENIX Security Symposium, pp. 445\u2013458 (2012)"},{"key":"15_CR19","unstructured":"Klein, T.: A Bug Hunter\u2019s Diary: A Guided Tour Through the Wilds of Software Security. No Starch Press (2011)"},{"key":"15_CR20","unstructured":"Caca labs: ZZUF. http:\/\/caca.zoy.org\/wiki\/zzuf"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Lee, W.H., Srirangam Ramanujam, M., Krishnan, S.: On designing an efficient distributed black-box fuzzing system for mobile devices. In: Proceeding of the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 31\u201342 (2015)","DOI":"10.1145\/2714576.2714607"},{"key":"15_CR22","unstructured":"Lewis, C., Rhoden, B., Sturton, C.: Using Structured Random Data to Precisely Fuzz Media Players. Project Report. University of UC Berkeley (2007)"},{"key":"15_CR23","doi-asserted-by":"crossref","unstructured":"Lin, Z., Zhang, X.: Deriving input syntactic structure from execution. In: Proceeding of the ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE), pp. 83\u201393 (2008)","DOI":"10.1145\/1453101.1453114"},{"key":"15_CR24","unstructured":"Miller, B.P.: Fuzz Testing of Application Reliability. UW-Madison Computer Sciences (2007)"},{"issue":"12","key":"15_CR25","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1145\/96267.96279","volume":"33","author":"BP Miller","year":"1990","unstructured":"Miller, B.P., Fredriksen, L., So, B.: An empirical study of the reliability of UNIX utilities. Commun. ACM 33(12), 32\u201344 (1990)","journal-title":"Commun. ACM"},{"key":"15_CR26","unstructured":"Miller, C., Peterson, Z.N.: Analysis of Mutation and Generation-based Fuzzing. Independent Security Evaluators (2007)"},{"key":"15_CR27","unstructured":"Mulliner, C., Miller, C.: Fuzzing the phone in your phone. In: BlackHat USA, vol. 25 (2009)"},{"key":"15_CR28","unstructured":"Rebert, A., Cha, S.K., Avgerinos, T., Foote, J., Warren, D., Grieco, G., Brumley, D.: Optimizing seed selection for fuzzing. In: Proceeding of the USENIX Security Symposium, pp. 861\u2013875 (2014)"},{"key":"15_CR29","unstructured":"R\u00f6ning, J., Lasko, M., Takanen, A., Kaksonen, R.: Protos-systematic approach to eliminate software vulnerabilities. Invited presentation at Microsoft Research (2002)"},{"key":"15_CR30","doi-asserted-by":"crossref","unstructured":"Stephens, N., Grosen, J., Salls, C., Dutcher, A., Wang, R., Corbetta, J., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Driller: augmenting fuzzing through selective symbolic execution. In: Proceeding of the Network and Distributed System Security Symposium (NDSS) (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"15_CR31","unstructured":"Sutton, M., Greene, A.: The art of file format fuzzing. In: BlackHat USA (2005)"},{"key":"15_CR32","doi-asserted-by":"crossref","unstructured":"Takanen, A., Demott, J.D., Miller, C.: Fuzzing for Software Security Testing and Quality Assurance. Artech House (2008)","DOI":"10.1016\/S1353-4858(08)70095-3"},{"key":"15_CR33","unstructured":"Thiel, D.: Exposing vulnerabilities in media software. In: BlackHat EU (2008)"},{"key":"15_CR34","unstructured":"Tool: Spike Fuzzer Platform. http:\/\/www.immunitysec.com"},{"key":"15_CR35","doi-asserted-by":"crossref","unstructured":"Wang, T., Wei, T., Gu, G., Zou, W.: TaintScope: a checksum-aware directed fuzzing tool for automatic software vulnerability detection. In: Proceeding of the IEEE Symposium on Security and Privacy (S&P), pp. 497\u2013512 (2010)","DOI":"10.1109\/SP.2010.37"},{"key":"15_CR36","doi-asserted-by":"crossref","unstructured":"Woo, M., Cha, S.K., Gottlieb, S., Brumley, D.: Scheduling black-box mutational fuzzing. In: Proceeding of the ACM SIGSAC Conference on Computer and Communications Security (CCS), vol. 9 (2013)","DOI":"10.1145\/2508859.2516736"},{"key":"15_CR37","unstructured":"Zalewski, M.: American Fuzzy Lop (AFL) fuzzer. http:\/\/lcamtuf.coredump.cx\/afl\/"}],"container-title":["IFIP Advances in Information and Communication Technology","ICT Systems Security and Privacy Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-58469-0_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,5,22]],"date-time":"2021-05-22T00:05:20Z","timestamp":1621641920000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-58469-0_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319584683","9783319584690"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-58469-0_15","relation":{},"ISSN":["1868-4238","1868-422X"],"issn-type":[{"type":"print","value":"1868-4238"},{"type":"electronic","value":"1868-422X"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"4 May 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SEC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on ICT Systems Security and Privacy Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Rome","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Italy","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29 May 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 May 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"32","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sec2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/ifipsec.org\/2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}