{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T14:42:29Z","timestamp":1775054549872,"version":"3.50.1"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319663319","type":"print"},{"value":"9783319663326","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_1","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T07:58:05Z","timestamp":1507708685000},"page":"3-25","source":"Crossref","is-referenced-by-count":16,"title":["VDF: Targeted Evolutionary Fuzz Testing of Virtual Devices"],"prefix":"10.1007","author":[{"given":"Andrew","family":"Henderson","sequence":"first","affiliation":[]},{"given":"Heng","family":"Yin","sequence":"additional","affiliation":[]},{"given":"Guang","family":"Jin","sequence":"additional","affiliation":[]},{"given":"Hao","family":"Han","sequence":"additional","affiliation":[]},{"given":"Hongmei","family":"Deng","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"1_CR1","unstructured":"Advanced Linux Sound Architecture (ALSA). http:\/\/www.alsa-project.org"},{"key":"1_CR2","unstructured":"Amazon.com, Inc., Form 10-K 2015. http:\/\/www.sec.gov\/edgar.shtml"},{"key":"1_CR3","unstructured":"CVE-2014-2894: Off-by-one error in the cmd start function in smart self test in IDE core. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2014-2894"},{"key":"1_CR4","unstructured":"CVE-2015-3456: Floppy disk controller (FDC) allows guest users to cause denial of service. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-3456"},{"key":"1_CR5","unstructured":"CVE-2015-5279: Heap-based buffer overflow in NE2000 virtual device. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-5279"},{"key":"1_CR6","unstructured":"CVE-2015-6855: IDE core does not properly restrict commands. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-6855"},{"key":"1_CR7","unstructured":"CVE-2016-1981: Reserved. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-1981"},{"key":"1_CR8","unstructured":"CVE-2016-8910: Qemu: net: rtl8139: infinite loop while transmit in C+ mode. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-8910"},{"key":"1_CR9","unstructured":"Features\/QTest. http:\/\/wiki.qemu.org\/Features\/QTest"},{"key":"1_CR10","unstructured":"Kernel-Based Virtual Machine. http:\/\/www.linux-kvm.org\/"},{"key":"1_CR11","unstructured":"PCI - OSDev Wiki. http:\/\/wiki.osdev.org\/PCI"},{"key":"1_CR12","unstructured":"[Qemu-devel] [PATCH 1\/2] hw\/sd: implement CMD23 (SET_BLOCK_COUNT) for MMC compatibility. https:\/\/lists.gnu.org\/archive\/html\/qemu-devel\/2015-12\/msg00948.html"},{"key":"1_CR13","unstructured":"[Qemu-devel] [PATCH 1\/5] Provide support for the CUSE TPM. https:\/\/lists.nongnu.org\/archive\/html\/qemu-devel\/2015-04\/msg01792.html"},{"key":"1_CR14","unstructured":"[Qemu-devel] [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start. https:\/\/lists.gnu.org\/archive\/html\/qemu-devel\/2016-01\/msg03454.html"},{"key":"1_CR15","unstructured":"Qubes OS Project. https:\/\/www.qubes-os.org\/"},{"key":"1_CR16","unstructured":"TrouSerS - The open-source TCG software stack. http:\/\/trousers.sourceforge.net"},{"key":"1_CR17","unstructured":"Avgerinos, T., Cha, S.K., Lim, B., Hao, T., Brumley, D.: AEG: automatic exploit generation. In: Proceedings of Network and Distributed System Security Symposium (NDSS) (2011)"},{"issue":"5","key":"1_CR18","doi-asserted-by":"crossref","first-page":"164","DOI":"10.1145\/1165389.945462","volume":"37","author":"P Barham","year":"2003","unstructured":"Barham, P., Dragovic, B., Fraser, K., Hand, S., Harris, T., Ho, A., Neugebauer, R., Pratt, I., Warfield, A.: Xen and the art of virtualization. ACM SIGOPS Operating Syst. Rev. 37(5), 164 (2003)","journal-title":"ACM SIGOPS Operating Syst. Rev."},{"key":"1_CR19","unstructured":"Bellard, F.: QEMU, a fast and portable dynamic translator. In: USENIX Annual Technical Conference, Freenix Track, pp. 41\u201346 (2005)"},{"key":"1_CR20","unstructured":"Berger, S.: libtpms library. https:\/\/github.com\/stefanberger\/libtpms"},{"key":"1_CR21","doi-asserted-by":"crossref","unstructured":"B\u00f6hme, M., Pham, V.T., Roychoudhury, A.: Coverage-based greybox fuzzing as markov chain. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS 2016 (2016)","DOI":"10.1145\/2976749.2978428"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"B\u00f6ttinger, K., Eckert, C.: Deepfuzz: triggering vulnerabilities deeply hidden in binaries. In: Proceedings of the 13th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2016 (2016)","DOI":"10.1007\/978-3-319-40667-1_2"},{"key":"1_CR23","unstructured":"Bryant, C.: [1\/4] tpm: Add TPM NVRAM Implementation (2013). https:\/\/patchwork.ozlabs.org\/patch\/288936\/"},{"key":"1_CR24","unstructured":"Cadar, C., Dunbar, D., Engler, D.: KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In: Proceedings of the 8th Symposium on Operating Systems Design and Implementation, pp. 209\u2013224. USENIX Association (2008)"},{"key":"1_CR25","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing mayhem on binary code. In: 2012 IEEE Symposium on Security and Privacy, pp. 380\u2013394. IEEE, May 2012","DOI":"10.1109\/SP.2012.31"},{"key":"1_CR26","unstructured":"Chipounov, V., Georgescu, V., Zamfir, C., Candea, G.: Selective symbolic execution. In: Proceedings of Fifth Workshop on Hot Topics in System Dependability, June, Lisbon, Portugal (2009)"},{"key":"1_CR27","unstructured":"Chow, J., Garfinkel, T., Chen, P.M.: Decoupling dynamic program analysis from execution in virtual environments. In: USENIX Annual Technical Conference, pp. 1\u201314 (2008)"},{"key":"1_CR28","doi-asserted-by":"crossref","unstructured":"Cong, K., Xie, F., Lei, L.: Symbolic execution of virtual devices. In: 2013 13th International Conference on Quality Software, pp. 1\u201310. IEEE, July 2013","DOI":"10.1109\/QSIC.2013.44"},{"key":"1_CR29","volume-title":"Linux Device Drivers","author":"J Corbet","year":"2005","unstructured":"Corbet, J., Rubini, A., Kroah-Hartman, G.: Linux Device Drivers, 3rd edn. O\u2019 Reilly Media Inc., Sebastopol (2005)","edition":"3"},{"key":"1_CR30","doi-asserted-by":"crossref","unstructured":"Dolan-Gavitt, B., Hodosh, J., Hulin, P., Leek, T., Whelan, R.: Repeatable Reverse Engineering for the Greater Good with PANDA. Technical report, Columbia University, MIT Lincoln Laboratory, TR CUCS-023-14 (2014)","DOI":"10.1145\/2843859.2843867"},{"issue":"SI","key":"1_CR31","doi-asserted-by":"crossref","first-page":"211","DOI":"10.1145\/844128.844148","volume":"36","author":"GW Dunlap","year":"2002","unstructured":"Dunlap, G.W., King, S.T., Cinar, S., Basrai, M.A., Chen, P.M.: ReVirt: enabling intrusion analysis through virtual-machine logging and replay. ACM SIGOPS Operating Syst. Rev. 36(SI), 211\u2013224 (2002)","journal-title":"ACM SIGOPS Operating Syst. Rev."},{"issue":"12","key":"1_CR32","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1145\/96267.96279","volume":"33","author":"BP Miller","year":"1990","unstructured":"Miller, B.P., Fredriksen, L., So, B.: An empirical study of the reliability of UNIX utilities. Commun. ACM 33(12), 32\u201344 (1990)","journal-title":"Commun. ACM"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"Rawat, S., Jain, V., Kumar, A., Cojocar, L., Giuffrida, C., Bos, H.: VUzzer: application-aware evolutionary fuzzing. In: NDSS, February 2017","DOI":"10.14722\/ndss.2017.23404"},{"key":"1_CR34","unstructured":"Rebert, A., Cha, S.K., Avgerinos, T., Foote, J., Warren, D., Grieco, G., Brumley, D.: Optimizing seed selection for fuzzing. In: 23rd USENIX Security Symposium (2014)"},{"key":"1_CR35","doi-asserted-by":"crossref","unstructured":"Stephens, N., Grosen, J., Salls, C., Dutcher, A., Wang, R., Corbetta, J., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Driller: augmenting fuzzing through selective symbolic execution. In: Proceedings of NDSS 2016, February 2016","DOI":"10.14722\/ndss.2016.23368"},{"key":"1_CR36","unstructured":"Tang, J., Li, M.: When virtualization encounter AFL. In: Black Hat Europe (2016)"},{"key":"1_CR37","unstructured":"Wu, C., Wang, Z., Jiang, X.: Taming hosted hypervisors with (mostly) deprivileged execution. In: Network and Distributed System Security Symposium (2013)"},{"key":"1_CR38","unstructured":"Zalewski, M.: American Fuzzy Lop Fuzzer. http:\/\/lcamtuf.coredump.cx\/afl\/"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T09:17:44Z","timestamp":1570180664000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}