{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:48:33Z","timestamp":1740098913444,"version":"3.37.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319598697"},{"type":"electronic","value":"9783319598703"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-59870-3_4","type":"book-chapter","created":{"date-parts":[[2017,5,29]],"date-time":"2017-05-29T22:14:17Z","timestamp":1496096057000},"page":"61-79","source":"Crossref","is-referenced-by-count":1,"title":["FFFuzzer: Filter Your Fuzz to Get Accuracy, Efficiency and Schedulability"],"prefix":"10.1007","author":[{"given":"Fan","family":"Jiang","sequence":"first","affiliation":[]},{"given":"Cen","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Shaoyin","family":"Cheng","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,5,31]]},"reference":[{"key":"4_CR1","doi-asserted-by":"crossref","unstructured":"Bao, T., Zheng, Y., Lin, Z., Zhang, X., Xu, D.: Strict control dependence and its effect on dynamic information flow analyses. In: Proceedings of the 19th International Symposium on Software Testing and Analysis, ISSTA 2010, pp. 13\u201324. ACM, New York (2010). \nhttp:\/\/doi.acm.org\/10.1145\/1831708.1831711","DOI":"10.1145\/1831708.1831711"},{"key":"4_CR2","unstructured":"Brumley, D., Hartwig, C., Kang, M.G., Liang, Z., Newsome, J., Poosankam, P., Song, D., Yin, H.: Bitscope: automatically dissecting malicious binaries (2007)"},{"key":"4_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-642-22110-1_37","volume-title":"Computer Aided Verification","author":"D Brumley","year":"2011","unstructured":"Brumley, D., Jager, I., Avgerinos, T., Schwartz, E.J.: BAP: a binary analysis platform. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 463\u2013469. Springer, Heidelberg (2011). doi:\n10.1007\/978-3-642-22110-1_37"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Caballero, J., Yin, H., Liang, Z., Song, D.: Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In: ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, pp. 317\u2013329, October 2007","DOI":"10.1145\/1315245.1315286"},{"key":"4_CR5","unstructured":"Cadar, C., Dunbar, D., Engler, D.: Klee: unassisted and automatic generation of high-coverage tests for complex systems programs. In: Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI 2008, pp. 209\u2013224. USENIX Association, Berkeley (2008). \nhttp:\/\/dl.acm.org\/citation.cfm?id=1855741.1855756"},{"issue":"2","key":"4_CR6","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1455518.1455522","volume":"12","author":"C Cadar","year":"2008","unstructured":"Cadar, C., Ganesh, V., Pawlowski, P.M., Dill, D.L., Engler, D.R.: Exe: automatically generating inputs of death. Acm Trans. Inform. Syst. Secur. 12(2), 1\u201338 (2008)","journal-title":"Acm Trans. Inform. Syst. Secur."},{"key":"4_CR7","unstructured":"CERT\/CC: Bff. \nhttps:\/\/www.cert.org\/vulnerability-analysis\/index.cfm\n\n, basic Fuzzing Framework"},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Woo, M., Brumley, D.: Program-adaptive mutational fuzzing. In: 2015 IEEE Symposium on Security and Privacy, pp. 725\u2013741, May 2015","DOI":"10.1109\/SP.2015.50"},{"key":"4_CR9","unstructured":"Eddington, M.: Peach fuzzer. \nhttp:\/\/www.peachfuzzer.com\n\n, grammar based fuzzer"},{"key":"4_CR10","unstructured":"feseal: Pin tracer - a tracer based on pin: Intels dynamic binary instrumentation engine (2016). \nhttps:\/\/github.com\/BinaryAnalysisPlatform\/bap-pintraces"},{"key":"4_CR11","unstructured":"Freedesktop: Pdf rendering library. \nhttps:\/\/poppler.freedesktop.org\/"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Ganesh, V., Leek, T., Rinard, M.: Taint-based directed whitebox fuzzing. In: Proceedings of the 31st International Conference on Software Engineering, ICSE 2009, pp. 474\u2013484. IEEE Computer Society, Washington, DC (2009). \nhttp:\/\/dx.doi.org\/10.1109\/ICSE.2009.5070546","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Klarlund, N., Sen, K.: Dart: directed automated random testing. SIGPLAN Not. 40(6), 213\u2013223 (2005). \nhttp:\/\/doi.acm.org\/10.1145\/1064978.1065036","DOI":"10.1145\/1064978.1065036"},{"key":"4_CR14","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Levin, M.Y., Molnar, D.: Sage: whitebox fuzzing for security testing. Commun. ACM 55(3), 40\u201344 (2012). \nhttp:\/\/doi.acm.org\/10.1145\/2093548.2093564","DOI":"10.1145\/2093548.2093564"},{"key":"4_CR15","unstructured":"Haller, I., Slowinska, A., Neugschwandtner, M., Bos, H.: Dowsing for overflows: a guided fuzzer to find buffer boundary violations. In: Usenix Conference on Security, pp. 49\u201364 (2013)"},{"key":"4_CR16","unstructured":"Hoger, T.: Array indexing error in xpdf. \nhttps:\/\/bugzilla.redhat.com\/show_bug.cgi?id=638960\n\n, bug track in bugzilla"},{"key":"4_CR17","unstructured":"Householder, A.: Well theres your problem: Isolating the crash-inducing bits in a fuzzed file. Technical report CMU\/SEI-2012-TN-018, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA (2012). \nhttp:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?AssetID=28043"},{"key":"4_CR18","unstructured":"Kang, M.G., Mccamant, S., Poosankam, P., Song, D.: Dta++: dynamic taint analysis with targeted control-flow propagation. In: Network and Distributed System Security Symposium, NDSS 2011, San Diego, California, USA, February 2011"},{"key":"4_CR19","unstructured":"eSage Lab: Ioctl fuzzer. \nhttps:\/\/github.com\/Cr4sh\/ioctlfuzzer\n\n, windows NT kernel fuzzer"},{"key":"4_CR20","unstructured":"Labs, C.: zzuf. \nhttp:\/\/caca.zoy.org\/wiki\/zzuf\n\n, multi-purpose fuzzer"},{"key":"4_CR21","unstructured":"MITRE: Cve: Common vulnerabilities and exposures. \nhttps:\/\/cve.mitre.org\/\n\n, the Standard for Information Security Vulnerability Names"},{"key":"4_CR22","unstructured":"Molnar, D., Li, X.C., Wagner, D.A.: Dynamic test generation to find integer bugs in x86 binary linux programs. In: Proceedings of the Usenix Security Symposium, Montreal, Canada, 10\u201314 August 2009, pp. 67\u201382 (2009)"},{"key":"4_CR23","unstructured":"Mozilla: Web-based general-purpose bugtracker and testing tool. \nhttps:\/\/bugzilla.mozilla.org\/"},{"key":"4_CR24","unstructured":"NVD: National vulnerability database. \nhttps:\/\/nvd.nist.gov\/home.cfm\n\n, automating vulnerability management, security measurement, and compliance checking"},{"key":"4_CR25","volume-title":"Adobe Type 1 Font Format","author":"A Press","year":"1990","unstructured":"Press, A.: Adobe Type 1 Font Format, 1st edn. Addison-Wesley Longman Publishing Co. Inc., Boston (1990)","edition":"1"},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., Brumley, D.: All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask). In: 2010 IEEE Symposium on Security and privacy (SP), pp. 317\u2013331. IEEE (2010)","DOI":"10.1109\/SP.2010.26"},{"key":"4_CR27","unstructured":"Sec, I.: Spike fuzzer. \nhttps:\/\/www.blackhat.com\/presentations\/bh-usa-02\/bh-us-02-aitel-spike.ppt\n\n, network protocol fuzzer"},{"key":"4_CR28","doi-asserted-by":"crossref","unstructured":"Sen, K., Marinov, D., Agha, G.: Cute: a concolic unit testing engine for C. In: Proceedings of the 10th European Software Engineering Conference Held Jointly with 13th ACM SIGSOFT International Symposium on Foundations of Software Engineering, ESEC\/FSE-13, pp. 263\u2013272. ACM, New York (2005). \nhttp:\/\/doi.acm.org\/10.1145\/1081706.1081750","DOI":"10.1145\/1081706.1081750"},{"key":"4_CR29","unstructured":"Slowinska, A., Bos, H.: Pointless tainting? evaluating the practicality of pointer tainting. In: Proceedings of the 4th ACM European Conference on Computer Systems, EuroSys 2009, pp. 61\u201374. ACM, New York (2009). \nhttp:\/\/doi.acm.org\/10.1145\/1519065.1519073"},{"key":"4_CR30","volume-title":"Fuzzing: Brute Force Vulnerability Discovery","author":"M Sutton","year":"2007","unstructured":"Sutton, M., Greene, A., Amini, P.: Fuzzing: Brute Force Vulnerability Discovery. Addison-Wesley Professional, Amsterdam (2007)"},{"key":"4_CR31","unstructured":"Symantec: Online computer security news portal and purveyor of information security services. \nhttp:\/\/www.securityfocus.com\/"},{"key":"4_CR32","unstructured":"Wang, T., Wei, T., Gu, G., Zou, W.: Checksum-aware fuzzing combined with dynamic taint analysis and symbolic execution. ACM Trans. Inf. Syst. Secur. 14(2), 15:1\u201315:28 (2011). \nhttp:\/\/doi.acm.org\/10.1145\/2019599.2019600"},{"key":"4_CR33","doi-asserted-by":"crossref","unstructured":"Yang, X., Chen, Y., Eide, E., Regehr, J.: Finding and understanding bugs in c compilers. SIGPLAN Not. 46(6), 283\u2013294 (2011). \nhttp:\/\/doi.acm.org\/10.1145\/1993316.1993532","DOI":"10.1145\/1993316.1993532"}],"container-title":["Lecture Notes in Computer Science","Information Security and Privacy"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-59870-3_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,5,29]],"date-time":"2017-05-29T22:15:45Z","timestamp":1496096145000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-59870-3_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319598697","9783319598703"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-59870-3_4","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}