{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T00:49:37Z","timestamp":1740098977289,"version":"3.37.3"},"publisher-location":"Cham","reference-count":39,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319698106"},{"type":"electronic","value":"9783319698113"}],"license":[{"start":{"date-parts":[[2017,11,2]],"date-time":"2017-11-02T00:00:00Z","timestamp":1509580800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-69811-3_37","type":"book-chapter","created":{"date-parts":[[2017,11,1]],"date-time":"2017-11-01T00:08:02Z","timestamp":1509494882000},"page":"404-413","source":"Crossref","is-referenced-by-count":0,"title":["Mocov: Model Based Fuzzing Through Coverage Guided Technology"],"prefix":"10.1007","author":[{"given":"Chen","family":"Chen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhouguo","family":"Chen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yongle","family":"Hao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baojiang","family":"Cui","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2017,11,2]]},"reference":[{"key":"37_CR1","unstructured":"Definition of software bug. https:\/\/en.wikipedia.org\/wiki\/Software_bug"},{"key":"37_CR2","doi-asserted-by":"crossref","unstructured":"Miller, B.P., Fredriksen, L., So, B.: An empirical study of the reliability of unix utilities. Commun. ACM, 33(12) 32\u201344 (1990)","DOI":"10.1145\/96267.96279"},{"key":"37_CR3","unstructured":"SPIKE Fuzzer Platform. http:\/\/resources.infosecinstitute.com\/fuzzer-automation-with-spike"},{"key":"37_CR4","unstructured":"Peach Fuzzer Platform. http:\/\/www.peachfuzzer.com\/products\/peach-platform"},{"key":"37_CR5","doi-asserted-by":"crossref","unstructured":"Pham, V.T., B\u00f6hme, M., Roychoudhury, A.: Model-based whitebox fuzzing for program binaries. In: Automated Software Engineering, pp. 552\u2013562 (2016)","DOI":"10.1145\/2970276.2970316"},{"key":"37_CR6","unstructured":"Roning, J., Laakso, M., Takanen, A., Kaksonen, R.: Protos - systematic approach to eliminate software vulnerabilities (2002). http:\/\/www.ee.oulu.fi\/research\/ouspg\/PROTOSMSR2002-protos"},{"key":"37_CR7","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Kiezun, A., Levin, M.Y.: Grammar-based whitebox fuzzing. In: Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 206\u2013215 (2008)","DOI":"10.1145\/1375581.1375607"},{"key":"37_CR8","doi-asserted-by":"crossref","unstructured":"Sen, K., Marinov, D., Agha, G.: CUTE: a concolic unit testing engine for C. In: 5th Joint Meeting of the European Software Engineering Conference and ACM Symposium on the Foundations of Software Engineering (2005)","DOI":"10.1145\/1081706.1081750"},{"key":"37_CR9","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Klarlund, N., Sen, K.: DART: directed automated random testing. In: Proceedings of the Conference on Programming Language Design and Implementation (2005)","DOI":"10.1145\/1065010.1065036"},{"key":"37_CR10","doi-asserted-by":"crossref","unstructured":"Cadar, C., Ganesh, V., Pawlowski, P., Dill, D., Engler, D.: EXE: automatically generating inputs of death. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (2006)","DOI":"10.1145\/1180405.1180445"},{"key":"37_CR11","unstructured":"Godefroid, P., Levin, M., Molnar, D.: Automated whitebox fuzz testing. In: Proceedings of the 15th Annual Network and Distributed System Security Symposium (2008)"},{"key":"37_CR12","unstructured":"Cadar, C., Dunbar, D., Engler, D.R.: KlEE: unassisted and automatic generation of high-coverage tests for complex systems programs. In: OSDI. USENIX Association (2008)"},{"key":"37_CR13","doi-asserted-by":"crossref","unstructured":"Wang, T., Wei, T., Gu, G., Zou, W.: TaintScope: a checksum-aware directed fuzzing tool for automatic software vulnerability detection. In: Proceedings of the IEEE Symposium on Security and Privacy (2010)","DOI":"10.1109\/SP.2010.37"},{"key":"37_CR14","doi-asserted-by":"crossref","unstructured":"Marinescu, P.D., Cadar, C.: Make test-zesti: a symbolic execution solution for improving regression testing. In: Proceedings of the 2012 International Conference on Software Engineering, pp. 716\u2013726 (2012)","DOI":"10.1109\/ICSE.2012.6227146"},{"key":"37_CR15","unstructured":"Haller, I., Slowinska, A., Bos, H.: Dowser: a guided fuzzer to find buffer overflow vulnerabilities. In: Proceedings of the European Workshop on System Security (2013)"},{"key":"37_CR16","unstructured":"Haller, I., Slowinska, A., Neugschwandtner, M., Bos, H.: Dowsing for overflows: a guided fuzzer to find buffer boundary violations. In: Proceedings of the USENIX Security Symposium (2013)"},{"key":"37_CR17","doi-asserted-by":"crossref","unstructured":"Cui, H., Hu, G., Wu, J., Yang, J.: Verifying systems rules using rule-directed symbolic execution. In: Proceedings of the Conference on Architectural Support for Programming Languages and Operating Systems (2013)","DOI":"10.1145\/2451116.2451152"},{"key":"37_CR18","doi-asserted-by":"crossref","unstructured":"Neugschwandtner, M., Comparetti, M.P., Haller, I., Bos, H.: The BORG: Nanoprobing binaries for buffer overreads. In: CODASPY, pp. 87\u201397 (2015)","DOI":"10.1145\/2699026.2699098"},{"key":"37_CR19","doi-asserted-by":"crossref","unstructured":"Stephens, N., Grosen, J., Salls, C., Dutcher, A., Wang, R., Corbetta, J., Shoshitaishvili, Y., Kruegel, C., Vigna, G.: Driller: augmenting fuzzing through selective symbolic execution, pp. 1\u201316 (2016)","DOI":"10.14722\/ndss.2016.23368"},{"key":"37_CR20","doi-asserted-by":"crossref","unstructured":"Person, S., Yang, G., Rungta, N., Khurshid, S.: Directed incremental symbolic execution. In: Proceedings of the ACM Conference on Programming Language Design and Implementation (PLDI) (2011)","DOI":"10.1145\/1993498.1993558"},{"key":"37_CR21","doi-asserted-by":"crossref","unstructured":"Ganesh, V., Leek, T., Rinard, M.: Taint-based directed whitebox fuzzing, pp. 474\u2013484 (2009)","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"37_CR22","unstructured":"Zalewski, M.: American Fuzzy Lop. https:\/\/github.com\/mirrorer\/afl"},{"key":"37_CR23","unstructured":"honggfuzz: http:\/\/honggfuzz.com"},{"key":"37_CR24","unstructured":"syzkaller: https:\/\/github.com\/google\/syzkaller"},{"key":"37_CR25","unstructured":"Serebryany, K.: Libfuzzer: a library for coverage-guided fuzz testing. http:\/\/llvm.org\/docs\/LibFuzzer.html"},{"key":"37_CR26","doi-asserted-by":"crossref","unstructured":"Rawat, S., Jain, V., Kumar, A., Cojocar, L., Giuffrida, C., Bos, H.: VUzzer: application-aware evolutionary fuzzing. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23404"},{"key":"37_CR27","unstructured":"Suley Fuzzer. https:\/\/github.com\/OpenRCE\/sulley"},{"key":"37_CR28","unstructured":"A crash course to radamsa. https:\/\/github.com\/aoh\/radamsa"},{"key":"37_CR29","unstructured":"mangleme. http:\/\/freecode.com\/projects\/mangleme"},{"key":"37_CR30","unstructured":"Holler, C., Herzig, K., Zeller, A.: Fuzzing with code fragments. In: Proceedings of USENIX Security, pp. 445\u2013458 (2012)"},{"key":"37_CR31","doi-asserted-by":"crossref","unstructured":"Yang, X.J., Chen, Y., Eide, E., Regehr, J.: Finding and understanding bugs in C compilers. In: Proceedings of PLDI, pp. 283\u2013294 (2011)","DOI":"10.1145\/1993498.1993532"},{"key":"37_CR32","doi-asserted-by":"crossref","unstructured":"Veggalam, S., Rawat, S., Haller, I., Bos, H.: Ifuzzer: an evolutionary interpreter fuzzer using genetic programming. In: ESORICS, pp. 581\u2013601 (2016)","DOI":"10.1007\/978-3-319-45744-4_29"},{"key":"37_CR33","doi-asserted-by":"crossref","unstructured":"Sparks, S., Embleton, S., Cunningham, R., Zou, C.: Automated vulnerability analysis: Leveraging control flow for evolutionary input crafting. In: Computer Security Applications Conference, pp. 477\u2013486 (2007)","DOI":"10.1109\/ACSAC.2007.4413013"},{"key":"37_CR34","doi-asserted-by":"crossref","unstructured":"Cha, S.K., Avgerinos, T., Rebert, A., Brumley, D.: Unleashing Mayhem on binary code. In: Proceedings of the IEEE Symposium on Security and Privacy (2012)","DOI":"10.1109\/SP.2012.31"},{"key":"37_CR35","doi-asserted-by":"crossref","unstructured":"Huang, S.K., Huang, M.H., Huang, P.Y., Lu, H.L., Lai, C.W.: Software crash analysis for automatic exploit generation on binary programs. IEEE Trans. Reliab. 63, 270\u2013289 (2014)","DOI":"10.1109\/TR.2014.2299198"},{"key":"37_CR36","doi-asserted-by":"crossref","unstructured":"Avgerinos, T., Cha, S. K., Rebert, A., Schwartz, E. J., Woo, M., Brumley, D.: Automatic exploit generation. Commun. ACM, 57(2), 74\u201384 (2014)","DOI":"10.1145\/2560217.2560219"},{"key":"37_CR37","doi-asserted-by":"crossref","unstructured":"Bohme, M., Pham, V.T., Roychoudhury, A.: Coverage-based greybox fuzzing as markov chain. In: CCS 2016, pp. 1032\u20131043 New York (2016)","DOI":"10.1145\/2976749.2978428"},{"key":"37_CR38","volume-title":"Markov Chains. Cambridge Series in Statistical and Probabilistic Mathematics","author":"JR Norris","year":"1998","unstructured":"Norris, J.R.: Markov Chains. Cambridge Series in Statistical and Probabilistic Mathematics. Cambridge University Press, Cambridge (1998)"},{"key":"37_CR39","unstructured":"Ganesh, V., Leek, T., Rinard, M.: BuzzFuzz whitebox fuzzing. In: Proceedings of the 31st International Conference on Software Engineering (2009)"}],"container-title":["Lecture Notes on Data Engineering and Communications Technologies","Advances on Broad-Band Wireless Computing, Communication and Applications"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-69811-3_37","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,5]],"date-time":"2019-10-05T08:05:55Z","timestamp":1570262755000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-69811-3_37"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,11,2]]},"ISBN":["9783319698106","9783319698113"],"references-count":39,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-69811-3_37","relation":{},"ISSN":["2367-4512","2367-4520"],"issn-type":[{"type":"print","value":"2367-4512"},{"type":"electronic","value":"2367-4520"}],"subject":[],"published":{"date-parts":[[2017,11,2]]}}}