{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,2]],"date-time":"2026-04-02T16:10:35Z","timestamp":1775146235835,"version":"3.50.1"},"reference-count":175,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2023,10,31]],"date-time":"2023-10-31T00:00:00Z","timestamp":1698710400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,10,31]],"date-time":"2023-10-31T00:00:00Z","timestamp":1698710400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"DOI":"10.13039\/501100001809","name":"national natural science foundation of china","doi-asserted-by":"publisher","award":["61827810"],"award-info":[{"award-number":["61827810"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Soft Comput"],"published-print":{"date-parts":[[2024,3]]},"DOI":"10.1007\/s00500-023-09306-2","type":"journal-article","created":{"date-parts":[[2023,10,31]],"date-time":"2023-10-31T19:02:38Z","timestamp":1698778958000},"page":"5493-5522","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":29,"title":["A systematic review of fuzzing"],"prefix":"10.1007","volume":"28","author":[{"given":"Xiaoqi","family":"Zhao","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1564-8980","authenticated-orcid":false,"given":"Haipeng","family":"Qu","sequence":"additional","affiliation":[]},{"given":"Jianliang","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Xiaohui","family":"Li","sequence":"additional","affiliation":[]},{"given":"Wenjie","family":"Lv","sequence":"additional","affiliation":[]},{"given":"Gai-Ge","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,10,31]]},"reference":[{"key":"9306_CR1","unstructured":"Abhishek A, Cris N (2012) Fuzzing for security. https:\/\/blog.chromium.org\/2012\/04\/fuzzing-for-security.html. Accessed on 30 March 2021"},{"key":"9306_CR2","doi-asserted-by":"publisher","unstructured":"Aschermann C, Schumilo S, Blazytko T, Gawlik R, Holz T (2019) REDQUEEN: fuzzing with input-to-state correspondence. In: Proceedings 2019 network and distributed system security symposium. https:\/\/doi.org\/10.14722\/ndss.2019.23371","DOI":"10.14722\/ndss.2019.23371"},{"key":"9306_CR3","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1016\/j.cor.2019.07.012","volume":"111","author":"MG Avci","year":"2019","unstructured":"Avci MG, Avci M (2019) An adaptive large neighborhood search approach for multiple traveling repairman problem with profits. Comput Oper Res 111:367\u2013385. https:\/\/doi.org\/10.1016\/j.cor.2019.07.012","journal-title":"Comput Oper Res"},{"key":"9306_CR4","doi-asserted-by":"publisher","unstructured":"Avgerinos T, Rebert A, Cha SK, Brumley D (2014) Enhancing symbolic execution with veritesting. In: Proceedings of the 36th international conference on software engineering, pp 1083\u20131094. https:\/\/doi.org\/10.1145\/2568225.2568293","DOI":"10.1145\/2568225.2568293"},{"issue":"3","key":"9306_CR5","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3182657","volume":"51","author":"R Baldoni","year":"2018","unstructured":"Baldoni R, Coppa E, D\u2019elia DC, Demetrescu C, Finocchi I (2018) A survey of symbolic execution techniques. ACM Comput Surv (CSUR) 51(3):1\u201339","journal-title":"ACM Comput Surv (CSUR)"},{"key":"9306_CR6","doi-asserted-by":"publisher","unstructured":"Banks G, Cova M, Felmetsger V, Almeroth K, Kemmerer R, Vigna G (2006) SNOOZE: toward a stateful network protocol fuzzer. In: International conference on information security, pp 343\u2013358. https:\/\/doi.org\/10.1007\/11836810_25","DOI":"10.1007\/11836810_25"},{"key":"9306_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2022.102813","volume":"120","author":"C Beaman","year":"2022","unstructured":"Beaman C, Redbourne M, Mummery JD, Hakak S (2022) Fuzzing vulnerability discovery techniques: survey, challenges and future directions. Comput Secur 120:1\u201313. https:\/\/doi.org\/10.1016\/j.cose.2022.102813","journal-title":"Comput Secur"},{"key":"9306_CR8","doi-asserted-by":"publisher","unstructured":"Bekrar S, Bekrar C, Groz R, Mounier L (2012) A taint based approach for smart fuzzing. In: 2012 IEEE fifth international conference on software testing, verification and validation, pp 818\u2013825. https:\/\/doi.org\/10.1109\/icst.2012.182","DOI":"10.1109\/icst.2012.182"},{"key":"9306_CR9","unstructured":"Blazytko T, Aschermann C, Schl\u00f6gel M, Abbasi A, Schumilo S, W\u00f6rner S, Holz T (2019) GRIMOIRE: synthesizing structure while fuzzing. In: 28th USENIX security symposium, pp 1985\u20132002"},{"key":"9306_CR10","doi-asserted-by":"publisher","unstructured":"Blotsky D, Mora F, Berzish M, Zheng Y, Kabir I, Ganesh V (2018) Stringfuzz: a fuzzer for string solvers. In: International conference on computer aided verification, pp 45\u201351. https:\/\/doi.org\/10.1007\/978-3-319-96142-2_6","DOI":"10.1007\/978-3-319-96142-2_6"},{"issue":"5","key":"9306_CR11","doi-asserted-by":"publisher","first-page":"489","DOI":"10.1109\/tse.2017.2785841","volume":"45","author":"M B\u00f6hme","year":"2019","unstructured":"B\u00f6hme M, Pham V, Roychoudhury A (2019) Coverage-based greybox fuzzing as Markov chain. IEEE Trans Softw Eng 45(5):489\u2013506. https:\/\/doi.org\/10.1109\/tse.2017.2785841","journal-title":"IEEE Trans Softw Eng"},{"key":"9306_CR12","doi-asserted-by":"publisher","unstructured":"B\u00f6hme M, Falk B (2020) Fuzzing: on the exponential cost of vulnerability discovery. In: Proceedings of the 28th ACM joint meeting on European software engineering conference and symposium on the foundations of software engineering, pp 713\u2013724. https:\/\/doi.org\/10.1145\/3368089.3409729","DOI":"10.1145\/3368089.3409729"},{"key":"9306_CR13","doi-asserted-by":"publisher","unstructured":"B\u00f6hme M, Pham VT, Nguyen MD, Roychoudhury A (2017) Directed greybox fuzzing. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 2329\u20132344. https:\/\/doi.org\/10.1145\/3133956.3134020","DOI":"10.1145\/3133956.3134020"},{"key":"9306_CR14","unstructured":"Brad A (2009) Adobe reader and acrobat security initiative. https:\/\/blogs.adobe.com\/security\/2009\/05\/adobe_reader_and_acrobat_secur.html. Accessed on 30 March 2021"},{"key":"9306_CR15","doi-asserted-by":"publisher","unstructured":"Brennan T, Saha S, Bultan T (2020) JVM fuzzing for JIT-induced side-channel detection. In: Proceedings of the ACM\/IEEE 42nd international conference on software engineering, pp 1011\u20131023. https:\/\/doi.org\/10.1145\/3377811.3380432","DOI":"10.1145\/3377811.3380432"},{"key":"9306_CR16","doi-asserted-by":"publisher","unstructured":"Bugariu A, M\u00fcller P (2020) Automatically testing string solvers. In: Proceedings of the ACM\/IEEE 42nd international conference on software engineering, pp 1459\u20131470. https:\/\/doi.org\/10.1145\/3377811.3380398","DOI":"10.1145\/3377811.3380398"},{"key":"9306_CR17","doi-asserted-by":"publisher","unstructured":"Chen Y, Ahmadi M, Farkhani RM, Wang B, Lu L (2020) MEUZZ: smart seed scheduling for hybrid fuzzing. In: International symposium on recent advances in intrusion detection, pp 77\u201392. https:\/\/doi.org\/10.14722\/ndss.2021.24486","DOI":"10.14722\/ndss.2021.24486"},{"key":"9306_CR18","doi-asserted-by":"publisher","unstructured":"Chen P, Chen H (2018) Angora: efficient fuzzing by principled search. In: 2018 IEEE symposium on security and privacy, pp 711\u2013725. https:\/\/doi.org\/10.1109\/sp.2018.00046","DOI":"10.1109\/sp.2018.00046"},{"key":"9306_CR19","unstructured":"Chen H, Guo S, Xue Y, Sui Y, Zhang C, Li Y, Wang H, Liu Y (2020) MUZZ: thread-aware grey-box fuzzing for effective bug hunting in multithreaded programs. In: 29th USENIX security symposium, pp 2325\u20132342"},{"key":"9306_CR20","unstructured":"Chen Y, Jiang Y, Ma F, Liang J, Wang M, Zhou C, Jiao X, Su Z (2019) EnFuzz: ensemble fuzzing with seed synchronization among diverse fuzzers. In: 28th USENIX security symposium, pp 1967\u20131983"},{"key":"9306_CR21","doi-asserted-by":"publisher","unstructured":"Chen P, Liu J, Chen H (2019) Matryoshka: fuzzing deeply nested branches. In: Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, pp 499\u2013513. https:\/\/doi.org\/10.1145\/3319535.3363225","DOI":"10.1145\/3319535.3363225"},{"key":"9306_CR22","doi-asserted-by":"publisher","unstructured":"Chen Y, Li P, Xu J, Guo S, Zhou R, Zhang Y, Wei T, Lu L (2020) Savior: towards bug-driven hybrid testing. In: 2020 IEEE symposium on security and privacy, pp 1580\u20131596. https:\/\/doi.org\/10.1109\/sp40000.2020.00002","DOI":"10.1109\/sp40000.2020.00002"},{"key":"9306_CR23","doi-asserted-by":"publisher","unstructured":"Chen H, Xue Y, Li Y, Chen B, Xie X, Wu X, Liu Y (2018) Hawkeye: towards a desired directed grey-box fuzzer. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 2095\u20132108. https:\/\/doi.org\/10.1145\/3243734.3243849","DOI":"10.1145\/3243734.3243849"},{"key":"9306_CR24","unstructured":"Chris E, Matt M, Tavis O (2011) Fuzzing at scale. https:\/\/security.googleblog.com\/2011\/08\/fuzzing-at-scale.html. Accessed on 30 March 2021"},{"key":"9306_CR25","unstructured":"Cisco secure development lifecycle (2018). https:\/\/www.cisco.com\/c\/en\/us\/about\/trust-center\/technology-built-in-security.html#~processes. Accessed on 6 Aug 2023"},{"key":"9306_CR26","unstructured":"Clang (2007). https:\/\/clang.llvm.org\/. Accessed on 1 March 2021"},{"key":"9306_CR27","doi-asserted-by":"publisher","unstructured":"Corina J, Machiry A, Salls C, Shoshitaishvili Y, Hao S, Kruegel C, Vigna G (2017) Difuze: interface aware fuzzing for kernel drivers. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 2123\u20132138. https:\/\/doi.org\/10.1145\/3133956.3134069","DOI":"10.1145\/3133956.3134069"},{"key":"9306_CR28","unstructured":"CVC4 (2021). https:\/\/cvc4.github.io\/. Accessed on 30 March 2021"},{"key":"9306_CR29","unstructured":"CVE-fuzzing-poc (2016). https:\/\/github.com\/geeknik\/cve-fuzzing-poc. Accessed on 30 March 2021"},{"key":"9306_CR30","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/j.future.2023.05.021","volume":"148","author":"G D\u2019Angelo","year":"2023","unstructured":"D\u2019Angelo G, Farsimadan E, Ficco M, Palmieri F, Robustelli A (2023) Privacy-preserving malware detection in android-based IoT devices through federated Markov chains. Futur Gener Comput Syst 148:93\u2013105. https:\/\/doi.org\/10.1016\/j.future.2023.05.021","journal-title":"Futur Gener Comput Syst"},{"key":"9306_CR31","doi-asserted-by":"crossref","unstructured":"D\u2019Angelo G, Ficco M, Robustelli A (2023) An association rules-based approach for anomaly detection on can-bus. In: International conference on computational science and its applications. Springer, pp 174\u2013190","DOI":"10.1007\/978-3-031-37108-0_12"},{"key":"9306_CR32","unstructured":"Darpa cyber grand challenge. https:\/\/www.darpa.mil\/program\/cyber-grand-challenge. Accessed on 6 Aug 2023"},{"key":"9306_CR33","doi-asserted-by":"crossref","unstructured":"Deng Y, Xia CS, Peng H, Yang C, Zhang L (2023) Large language models are zero-shot fuzzers: fuzzing deep-learning libraries via large language models. In: Proceedings of the 32nd ACM SIGSOFT international symposium on software testing and analysis, pp 423\u2013435","DOI":"10.1145\/3597926.3598067"},{"key":"9306_CR34","doi-asserted-by":"crossref","unstructured":"Ding ZY, Goues CL (2021) An empirical study of oss-fuzz bugs. arXiv preprint arXiv:2103.11518","DOI":"10.1109\/MSR52588.2021.00026"},{"key":"9306_CR35","doi-asserted-by":"publisher","unstructured":"Donaldson AF, Clayton B, Harrison R, Mohsin H, Neto D, Teliman V, Watson H (2023) Industrial deployment of compiler fuzzing techniques for two GPU shading languages. In: 2023 IEEE conference on software testing, verification and validation, pp 374\u2013385. https:\/\/doi.org\/10.1109\/ICST57152.2023.00042","DOI":"10.1109\/ICST57152.2023.00042"},{"key":"9306_CR36","unstructured":"Dynamorio. https:\/\/github.com\/DynamoRIO\/dynamorio. Accessed on 30 March 2021"},{"issue":"2","key":"9306_CR37","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1002\/stvr.224","volume":"11","author":"SH Edwards","year":"2001","unstructured":"Edwards SH (2001) A framework for practical, automated black-box testing of component-based software. Softw Test Veri Reliab 11(2):97\u2013111. https:\/\/doi.org\/10.1002\/stvr.224","journal-title":"Softw Test Veri Reliab"},{"issue":"1\u201318","key":"9306_CR38","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1186\/s42400-022-00123-y","volume":"5","author":"M Eisele","year":"2022","unstructured":"Eisele M, Maugeri M, Shriwas R, Huth C, Bella G (2022) Embedded fuzzing: a review of challenges, tools, and solutions. Cybersecurity 5(1\u201318):18. https:\/\/doi.org\/10.1186\/s42400-022-00123-y","journal-title":"Cybersecurity"},{"key":"9306_CR39","unstructured":"Fioraldi A, Maier D, Ei\u00dffeldt H, Heuse M (2020) AFL++ : combining incremental steps of fuzzing research. In: 14th USENIX workshop on offensive technologies, pp 1\u201312"},{"key":"9306_CR40","unstructured":"Frida. https:\/\/frida.re\/. Accessed on 30 March 2021"},{"key":"9306_CR41","unstructured":"Fuzzdata (2015). https:\/\/github.com\/MozillaSecurity\/fuzzdata.git. Accessed on 30 March 2021"},{"key":"9306_CR42","doi-asserted-by":"publisher","unstructured":"Ganesh V, Leek T, Rinard M (2009) Taint-based directed whitebox fuzzing. In: 2009 IEEE 31st international conference on software engineering, pp 474\u2013484. https:\/\/doi.org\/10.1109\/icse.2009.5070546","DOI":"10.1109\/icse.2009.5070546"},{"key":"9306_CR43","unstructured":"Gan S, Zhang C, Chen P, Zhao B, Qin X, Wu D, Chen Z (2020) GREYONE: data flow sensitive fuzzing. In: 29th USENIX security symposium, pp 2577\u20132594"},{"key":"9306_CR44","doi-asserted-by":"publisher","unstructured":"Gan S, Zhang C, Qin X, Tu X, Li K, Pei Z, Chen Z (2018) Collafl: path sensitive fuzzing. In: 2018 IEEE symposium on security and privacy, pp 679\u2013696. https:\/\/doi.org\/10.1109\/sp.2018.00040","DOI":"10.1109\/sp.2018.00040"},{"key":"9306_CR45","doi-asserted-by":"publisher","unstructured":"Gascon H, Wressnegger C, Yamaguchi F, Arp D, Rieck K (2015) Pulsar: stateful black-box fuzzing of proprietary network protocols. In: Security and privacy in communication networks: 11th EAI international conference, SecureComm 2015, Dallas, TX, USA, 26\u201329 Oct 2015, Proceedings 11. Springer, pp 330\u2013347. https:\/\/doi.org\/10.1007\/978-3-319-28865-9_18","DOI":"10.1007\/978-3-319-28865-9_18"},{"key":"9306_CR46","unstructured":"GDB (1988). https:\/\/www.gnu.org\/software\/gdb\/. Accessed on 30 March 2021"},{"key":"9306_CR47","unstructured":"Github. https:\/\/github.com\/. Accessed on 6 Aug 2023"},{"issue":"2","key":"9306_CR48","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1145\/3363824","volume":"63","author":"P Godefroid","year":"2020","unstructured":"Godefroid P (2020) Fuzzing: hack, art, and science. Commun ACM 63(2):70\u201376. https:\/\/doi.org\/10.1145\/3363824","journal-title":"Commun ACM"},{"key":"9306_CR49","first-page":"151","volume":"8","author":"P Godefroid","year":"2008","unstructured":"Godefroid P, Levin MY, Molnar DA (2008) Automated whitebox fuzz testing. Netw Distrib Secur Symp 8:151\u2013166","journal-title":"Netw Distrib Secur Symp"},{"key":"9306_CR50","doi-asserted-by":"publisher","unstructured":"Godefroid P, Kiezun A, Levin MY (2008) Grammar-based whitebox fuzzing. In: Proceedings of the 29th ACM SIGPLAN conference on programming language design and implementation, pp 206\u2013215. https:\/\/doi.org\/10.1145\/1375581.1375607","DOI":"10.1145\/1375581.1375607"},{"key":"9306_CR51","doi-asserted-by":"publisher","unstructured":"Godefroid P, Kiezun A, Levin MY (2008) Grammar-based whitebox fuzzing. In: Proceedings of the 29th ACM SIGPLAN conference on programming language design and implementation, pp 206\u2013215. https:\/\/doi.org\/10.1145\/1375581.1375607","DOI":"10.1145\/1375581.1375607"},{"key":"9306_CR52","doi-asserted-by":"publisher","unstructured":"Godefroid P, Peleg H, Singh R (2017) Learn &fuzz: machine learning for input fuzzing. In: 2017 32nd IEEE\/ACM international conference on automated software engineering, pp 50\u201359. https:\/\/doi.org\/10.1109\/ase.2017.8115618","DOI":"10.1109\/ase.2017.8115618"},{"key":"9306_CR53","unstructured":"google: ClusterFuzz. https:\/\/github.com\/google\/clusterfuzz. Accessed on 30 March 2021"},{"issue":"8","key":"9306_CR54","first-page":"239","volume":"10","author":"S Gorbunov","year":"2010","unstructured":"Gorbunov S, Rosenbloom A (2010) Autofuzz: automated network protocol fuzzing framework. Int J Comput Sci Netw Secur 10(8):239","journal-title":"Int J Comput Sci Netw Secur"},{"key":"9306_CR55","unstructured":"G\u00fcler E, Aschermann C, Abbasi A, Holz T (2019) AntiFuzz: impeding fuzzing audits of binary executables. In: 28th USENIX security symposium, pp 1931\u20131947"},{"key":"9306_CR56","doi-asserted-by":"publisher","unstructured":"G\u00fcler E, G\u00f6rz P, Geretto E, Jemmett A, \u00d6sterlund S, Bos H, Giuffrida C, Holz T (2020) Cupid: automatic fuzzer selection for collaborative fuzzing. In: Annual computer security applications conference, pp 360\u2013372. https:\/\/doi.org\/10.1145\/3427228.3427266","DOI":"10.1145\/3427228.3427266"},{"key":"9306_CR57","doi-asserted-by":"publisher","unstructured":"Han H, Cha SK (2017) IMF: inferred model-based fuzzer. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 2345\u20132358 https:\/\/doi.org\/10.1145\/3133956.3134103","DOI":"10.1145\/3133956.3134103"},{"key":"9306_CR58","doi-asserted-by":"publisher","unstructured":"Han W, Joe B, Lee B, Song C, Shin I (2018) Enhancing memory error detection for large-scale applications and fuzz testing. In: Proceedings 2018 network and distributed system security symposium. https:\/\/doi.org\/10.14722\/ndss.2018.23312","DOI":"10.14722\/ndss.2018.23312"},{"key":"9306_CR59","doi-asserted-by":"publisher","unstructured":"He J, Balunovi\u0107 M, Ambroladze N, Tsankov P, Vechev M (2019) Learning to fuzz from symbolic execution with application to smart contracts. In: Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, pp 531\u2013548. https:\/\/doi.org\/10.1145\/3319535.3363230","DOI":"10.1145\/3319535.3363230"},{"key":"9306_CR60","doi-asserted-by":"publisher","unstructured":"Heelan S, Melham T, Kroening D (2019) Gollum: modular and greybox exploit generation for heap overflows in interpreters. In: Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, pp 1\u201318. https:\/\/doi.org\/10.1145\/3319535.3354224","DOI":"10.1145\/3319535.3354224"},{"key":"9306_CR61","doi-asserted-by":"publisher","unstructured":"Henderson A, Yin H, Jin G, Han H, Deng H (2017) VDF: targeted evolutionary fuzz testing of virtual devices. In: International symposium on research in attacks, intrusions, and defenses, pp 3\u201325. https:\/\/doi.org\/10.1007\/978-3-319-66332-6_1","DOI":"10.1007\/978-3-319-66332-6_1"},{"key":"9306_CR62","unstructured":"HonggFuzz (2015). https:\/\/honggfuzz.dev\/. Accessed on 30 March 2021"},{"issue":"3\/4","key":"9306_CR63","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1504\/ijaac.2022.10046277","volume":"16","author":"L Hou","year":"2022","unstructured":"Hou L, Su Y (2022) Swarm activity-based dynamic PSO for distribution decision. Int J Autom Control 16(3\/4):503\u2013517. https:\/\/doi.org\/10.1504\/ijaac.2022.10046277","journal-title":"Int J Autom Control"},{"key":"9306_CR64","doi-asserted-by":"publisher","unstructured":"Huang H, Yao P, Wu R, Shi Q, Zhang C (2020) PANGOLIN: incremental hybrid fuzzing with polyhedral path abstraction. In: 2020 IEEE symposium on security and privacy, pp 1613\u20131627. https:\/\/doi.org\/10.1109\/sp40000.2020.00063","DOI":"10.1109\/sp40000.2020.00063"},{"key":"9306_CR65","unstructured":"IDA (2003). https:\/\/www.hex-rays.com\/products\/ida\/. Accessed on 30 March 2021"},{"key":"9306_CR66","unstructured":"Jack T, Li M (2016) When virtualization encounter AFL. In: Black Hat Europe"},{"key":"9306_CR67","doi-asserted-by":"publisher","unstructured":"Jain V, Rawat S, Giuffrida C, Bos H (2018) TIFF: using input type inference to improve fuzzing. In: Proceedings of the 34th annual computer security applications conference, pp 505\u2013517. https:\/\/doi.org\/10.1145\/3274694.3274746","DOI":"10.1145\/3274694.3274746"},{"key":"9306_CR68","doi-asserted-by":"publisher","unstructured":"Jeong DR, Kim K, Shivakumar B, Lee B, Shin I (2019) Razzer: finding kernel race bugs through fuzzing. In: 2019 IEEE symposium on security and privacy, pp 754\u2013768. https:\/\/doi.org\/10.1109\/sp.2019.00017","DOI":"10.1109\/sp.2019.00017"},{"key":"9306_CR69","unstructured":"Jesse H. TriforceAFL. https:\/\/github.com\/nccgroup\/TriforceAFL. Accessed on 30 March 2021"},{"key":"9306_CR70","doi-asserted-by":"publisher","unstructured":"Jiang B, Liu Y, Chan W (2018) ContractFuzzer: fuzzing smart contracts for vulnerability detection. In: 2018 33rd IEEE\/ACM international conference on automated software engineering, pp 259\u2013269. https:\/\/doi.org\/10.1145\/3238147.3238177","DOI":"10.1145\/3238147.3238177"},{"key":"9306_CR71","unstructured":"Jones D. trinity. https:\/\/github.com\/kernelslacker\/trinity. Accessed on 30 March 2021"},{"key":"9306_CR72","doi-asserted-by":"publisher","first-page":"3676","DOI":"10.1109\/TIP.2021.3064230","volume":"30","author":"Y Ju","year":"2021","unstructured":"Ju Y, Dong J, Chen S (2021) Recovering surface normal and arbitrary images: a dual regression network for photometric stereo. IEEE Trans Image Process 30:3676\u20133690. https:\/\/doi.org\/10.1109\/TIP.2021.3064230","journal-title":"IEEE Trans Image Process"},{"key":"9306_CR73","doi-asserted-by":"publisher","unstructured":"Kim K, Jeong DR, Kim CH, Jang Y, Shin I, Lee B (2020) HFL: hybrid fuzzing on the Linux kernel. In: Proceedings of the 2020 annual network and distributed system security symposium, pp 1\u201317. https:\/\/doi.org\/10.14722\/ndss.2020.24018","DOI":"10.14722\/ndss.2020.24018"},{"key":"9306_CR74","doi-asserted-by":"publisher","unstructured":"Lemieux C, Padhye R, Sen K, Song D (2018) PerfFuzz: automatically generating pathological inputs. In: Proceedings of the 27th ACM SIGSOFT international symposium on software testing and analysis, pp 254\u2013265. https:\/\/doi.org\/10.1145\/3213846.3213874","DOI":"10.1145\/3213846.3213874"},{"key":"9306_CR75","doi-asserted-by":"publisher","unstructured":"Lemieux C, Sen K (2018) FairFuzz: a targeted mutation strategy for increasing greybox fuzz testing coverage. In: Proceedings of the 33rd ACM\/IEEE international conference on automated software engineering, pp 475\u2013485. https:\/\/doi.org\/10.1145\/3238147.3238176","DOI":"10.1145\/3238147.3238176"},{"issue":"1","key":"9306_CR76","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s42400-018-0002-y","volume":"1","author":"J Li","year":"2018","unstructured":"Li J, Zhao B, Zhang C (2018) Fuzzing: a survey. Cybersecurity 1(1):1\u201313. https:\/\/doi.org\/10.1186\/s42400-018-0002-y","journal-title":"Cybersecurity"},{"issue":"3","key":"9306_CR77","doi-asserted-by":"publisher","first-page":"1199","DOI":"10.1109\/tr.2018.2834476","volume":"67","author":"H Liang","year":"2018","unstructured":"Liang H, Pei X, Jia X, Shen W, Zhang J (2018) Fuzzing: state of the art. IEEE Trans Reliab 67(3):1199\u20131218. https:\/\/doi.org\/10.1109\/tr.2018.2834476","journal-title":"IEEE Trans Reliab"},{"issue":"3","key":"9306_CR78","doi-asserted-by":"publisher","first-page":"1199","DOI":"10.1145\/3457913.3457934","volume":"67","author":"H Liang","year":"2018","unstructured":"Liang H, Pei X, Jia X, Shen W, Zhang J (2018) Fuzzing: state of the art. IEEE Trans Reliab 67(3):1199\u20131218. https:\/\/doi.org\/10.1145\/3457913.3457934","journal-title":"IEEE Trans Reliab"},{"key":"9306_CR79","doi-asserted-by":"publisher","unstructured":"Liang J, Jiang Y, Chen Y, Wang M, Zhou C, Sun J (2018) PAFL: extend fuzzing optimizations of single mode to industrial parallel mode. In: Proceedings of the 2018 26th ACM joint meeting on european software engineering conference and symposium on the foundations of software engineering, pp 809\u2013814. https:\/\/doi.org\/10.1145\/3236024.3275525","DOI":"10.1145\/3236024.3275525"},{"key":"9306_CR80","doi-asserted-by":"publisher","unstructured":"Liang J, Wang M, Zhou C, Wu Z, Jiang Y, Liu J, Liu Z, Sun J (2022) PATA: fuzzing with path aware taint analysis. In: 2022 IEEE symposium on security and privacy, pp 1\u201317. https:\/\/doi.org\/10.1109\/sp46214.2022.9833594","DOI":"10.1109\/sp46214.2022.9833594"},{"key":"9306_CR81","doi-asserted-by":"publisher","unstructured":"Li Y, Chen B, Chandramohan M, Lin SW, Liu Y, Tiu A (2017) Steelix: program-state based binary fuzzing. In: Proceedings of the 2017 11th joint meeting on foundations of software engineering, pp 627\u2013637. https:\/\/doi.org\/10.1145\/3106237.3106295","DOI":"10.1145\/3106237.3106295"},{"key":"9306_CR82","unstructured":"Li Y, Ji S, Chen Y, Liang S, Lee WH, Chen Y, Lyu C, Wu C, Beyah R, Cheng P, Lu K, Wang T (2021) UNIFUZZ: a holistic and pragmatic metrics-driven platform for evaluating fuzzers. In: 30th USENIX security symposium, pp 1\u201318"},{"key":"9306_CR83","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2021.102242","volume":"105","author":"P Lin","year":"2021","unstructured":"Lin P, Hong Z, Li Y, Wu L (2021) A priority based path searching method for improving hybrid fuzzing. Comput Secur 105:1\u201317. https:\/\/doi.org\/10.1016\/j.cose.2021.102242","journal-title":"Comput Secur"},{"key":"9306_CR84","doi-asserted-by":"publisher","unstructured":"Li X, Sun L, Qu H, Jang R, Yan Z (2021) OTA: an operation-oriented time allocation strategy for greybox fuzzing. In: 28th IEEE international conference on software analysis, evolution and reengineering, pp 108\u2013118. https:\/\/doi.org\/10.1109\/saner50967.2021.00019","DOI":"10.1109\/saner50967.2021.00019"},{"key":"9306_CR85","doi-asserted-by":"publisher","unstructured":"Liu C, Zou D, Luo P, Zhu BB, Jin H (2018) A heuristic framework to detect concurrency vulnerabilities. In: Proceedings of the 34th annual computer security applications conference, pp 529\u2013541. https:\/\/doi.org\/10.1145\/3274694.3274718","DOI":"10.1145\/3274694.3274718"},{"key":"9306_CR86","doi-asserted-by":"publisher","unstructured":"Li Y, Xue Y, Chen H, Wu X, Zhang C, Xie X, Wang H, Liu Y (2019) Cerebro: context-aware adaptive fuzzing for effective vulnerability detection. In: Proceedings of the 2019 27th ACM joint meeting on European software engineering conference and symposium on the foundations of software engineering, pp 533\u2013544. https:\/\/doi.org\/10.1145\/3338906.3338975","DOI":"10.1145\/3338906.3338975"},{"issue":"5","key":"9306_CR87","first-page":"200","volume":"14","author":"B Lou","year":"2020","unstructured":"Lou B, Song J (2020) A study on using code coverage information extracted from binary to guide fuzzing. Int J Comput Sci Secur 14(5):200\u2013210","journal-title":"Int J Comput Sci Secur"},{"issue":"6","key":"9306_CR88","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1145\/1065010.1065034","volume":"40","author":"CK Luk","year":"2005","unstructured":"Luk CK, Cohn R, Muth R, Patil H, Klauser A, Lowney G, Wallace S, Reddi VJ, Hazelwood K (2005) Pin: building customized program analysis tools with dynamic instrumentation. ACM SIGPLAN Not 40(6):190\u2013200. https:\/\/doi.org\/10.1145\/1065010.1065034","journal-title":"ACM SIGPLAN Not"},{"key":"9306_CR89","doi-asserted-by":"publisher","unstructured":"Luo W, Chai D, Run X, Wang J, Fang C, Chen Z (2021) Graph-based fuzz testing for deep learning inference engines. In: Proceedings of the 43rd international conference on software engineering, pp 288\u2013299. https:\/\/doi.org\/10.1109\/ICSE43902.2021.00037","DOI":"10.1109\/ICSE43902.2021.00037"},{"key":"9306_CR90","doi-asserted-by":"publisher","unstructured":"Luo Z, Zuo F, Shen Y, Jiao X, Chang W, Jiang Y (2020) ICS protocol fuzzing: coverage guided packet crack and generation. In: 2020 57th ACM\/IEEE design automation conference, pp 1\u20136. https:\/\/doi.org\/10.1109\/DAC18072.2020.9218603","DOI":"10.1109\/DAC18072.2020.9218603"},{"key":"9306_CR91","doi-asserted-by":"publisher","first-page":"441","DOI":"10.1007\/s10845-020-01584-z","volume":"32","author":"W Lv","year":"2020","unstructured":"Lv W, Xiong J, Shi J, Huang Y, Qin S (2020) A deep convolution generative adversarial networks based fuzzing framework for industry control protocols. J Intell Manuf 32:441\u2013457. https:\/\/doi.org\/10.1007\/s10845-020-01584-z","journal-title":"J Intell Manuf"},{"key":"9306_CR92","unstructured":"Lyu C, Ji S, Zhang C, Li Y, Lee WH, Song Y, Beyah R (2019) MOPT: optimized mutation scheduling for fuzzers. In: 28th USENIX security symposium, pp 1949\u20131966"},{"key":"9306_CR93","doi-asserted-by":"publisher","unstructured":"Lyu C, Liang H, Ji S, Zhang X, Zhao B, Han M, Li Y, Wang Z, Wang W, Beyah R (2022) SLIME: program-sensitive energy allocation for fuzzing. In: Proceedings of the 31st ACM SIGSOFT international symposium on software testing and analysis, pp 365\u2013377. https:\/\/doi.org\/10.1145\/3533767.3534385","DOI":"10.1145\/3533767.3534385"},{"issue":"11","key":"9306_CR94","doi-asserted-by":"publisher","first-page":"2312","DOI":"10.1109\/tse.2019.2946563","volume":"47","author":"VJ Man\u00e8s","year":"2019","unstructured":"Man\u00e8s VJ, Han H, Han C, Cha SK, Egele M, Schwartz EJ, Woo M (2019) The art, science, and engineering of fuzzing: a survey. IEEE Trans Softw Eng 47(11):2312\u20132331. https:\/\/doi.org\/10.1109\/tse.2019.2946563","journal-title":"IEEE Trans Softw Eng"},{"key":"9306_CR95","doi-asserted-by":"publisher","unstructured":"Mansur MN, Christakis M, W\u00fcstholz V, Zhang F (2020) Detecting critical bugs in SMT solvers using blackbox mutational fuzzing. In: Proceedings of the 28th ACM joint meeting on European software engineering conference and symposium on the foundations of software engineering, pp 701\u2013712. https:\/\/doi.org\/10.1145\/3368089.3409763","DOI":"10.1145\/3368089.3409763"},{"key":"9306_CR96","unstructured":"Max M, Kostya S (2016) Guided in-process fuzzing of Chrome components. https:\/\/security.googleblog.com\/2016\/08\/guided-in-process-fuzzing-of-chrome.html. Accessed on 30 March 2021"},{"key":"9306_CR97","unstructured":"Miller BP, Koski D, Lee CP, Maganty V, Murthy R, Natarajan A, Steidl J (1995) Fuzz Revisited: A re-examination of the reliability of UNIX utilities and services. Comput Sci Dept, University of Wisconsin. 1\u201323"},{"key":"9306_CR98","doi-asserted-by":"publisher","unstructured":"Nagy S, Hicks M (2019) Full-speed fuzzing: reducing fuzzing overhead through coverage-guided tracing. In: 2019 IEEE symposium on security and privacy, pp 787\u2013802. https:\/\/doi.org\/10.1109\/sp.2019.00069","DOI":"10.1109\/sp.2019.00069"},{"key":"9306_CR99","unstructured":"Neystadt J (2008) Automated penetration testing with white-box fuzzing. Microsoft, February"},{"key":"9306_CR100","unstructured":"Nguyen MD, Bardin S, Bonichon R, Groz R, Lemerre M (2020) Binary-level directed fuzzing for use-after-free vulnerabilities. In: 23rd International symposium on research in attacks, intrusions and defenses, pp 47\u201362"},{"key":"9306_CR101","doi-asserted-by":"publisher","unstructured":"Nilizadeh S, Noller Y, P\u0103s\u0103reanu CS (2019) DifFuzz: Differential fuzzing for side-channel analysis. In: Proceedings of the 41st international conference on software engineering, pp 176\u2013187. https:\/\/doi.org\/10.1109\/ICSE.2019.00034","DOI":"10.1109\/ICSE.2019.00034"},{"key":"9306_CR102","doi-asserted-by":"publisher","unstructured":"Noller Y, Kersten R, P\u0103s\u0103reanu CS (2018) Badger: complexity analysis with fuzzing and symbolic execution. In: Proceedings of the 27th ACM SIGSOFT international symposium on software testing and analysis, pp 322\u2013332. https:\/\/doi.org\/10.1145\/3213846.3213868","DOI":"10.1145\/3213846.3213868"},{"key":"9306_CR103","unstructured":"Odena A, Olsson C, Andersen D, Goodfellow I (2019) TensorFuzz: debugging neural networks with coverage-guided fuzzing. In: International conference on machine learning, pp 4901\u20134911"},{"key":"9306_CR104","unstructured":"OllyDbg (2000). http:\/\/domoticx.com\/windows-debugger-ollydbg-software\/. Accessed on 30 March 2021"},{"key":"9306_CR105","unstructured":"Onefuzz (2020). https:\/\/github.com\/microsoft\/onefuzz. Accessed on 23 March 2021"},{"key":"9306_CR106","unstructured":"Pailoor S, Aday A, Jana S (2018) MoonShine: optimizing OS fuzzer seed selection with trace distillation. In: 27th USENIX security symposium, pp 729\u2013743"},{"key":"9306_CR107","unstructured":"PaiMei. https:\/\/github.com\/OpenRCE\/https:\/\/github.com\/OpenRCE\/paimei. Accessed on 30 March 2021"},{"key":"9306_CR108","doi-asserted-by":"publisher","unstructured":"Peng H, Shoshitaishvili Y, Payer M (2018) T-Fuzz: fuzzing by program transformation. In: 2018 IEEE symposium on security and privacy, pp 697\u2013710. https:\/\/doi.org\/10.1109\/SP.2018.00056","DOI":"10.1109\/SP.2018.00056"},{"key":"9306_CR109","doi-asserted-by":"publisher","unstructured":"Petsios T, Zhao J, Keromytis AD, Jana S (2017) SlowFuzz: automated domain-independent detection of algorithmic complexity vulnerabilities. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 2155\u20132168. https:\/\/doi.org\/10.1145\/3133956.3134073","DOI":"10.1145\/3133956.3134073"},{"key":"9306_CR110","doi-asserted-by":"publisher","unstructured":"Pham VT, B\u00f6hme M, Roychoudhury A (2016) Model-based whitebox fuzzing for program binaries. In: Proceedings of the 31st IEEE\/ACM international conference on automated software engineering, pp 543\u2013553. https:\/\/doi.org\/10.1145\/2970276.2970316","DOI":"10.1145\/2970276.2970316"},{"key":"9306_CR111","doi-asserted-by":"publisher","unstructured":"Pham VT, B\u00f6hme M, Roychoudhury A (2020) AFLNet: a greybox fuzzer for network protocols. In: 2020 IEEE 13th international conference on software testing, validation and verification, pp 460\u2013465. https:\/\/doi.org\/10.1109\/icst46399.2020.00062","DOI":"10.1109\/icst46399.2020.00062"},{"key":"9306_CR112","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2019.2941681","author":"VT Pham","year":"2019","unstructured":"Pham VT, B\u00f6hme M, Santosa AE, Caciulescu AR, Roychoudhury A (2019) Smart greybox fuzzing. IEEE Trans Softw Eng. https:\/\/doi.org\/10.1109\/TSE.2019.2941681","journal-title":"IEEE Trans Softw Eng"},{"key":"9306_CR113","doi-asserted-by":"publisher","unstructured":"Rawat S, Jain V, Kumar A, Cojocar L, Giuffrida C, Bos H (2017) VUzzer: application-aware evolutionary fuzzing. In: 24th Annual network and distributed system security symposium, pp 1\u201314. https:\/\/doi.org\/10.14722\/ndss.2017.23404","DOI":"10.14722\/ndss.2017.23404"},{"key":"9306_CR114","unstructured":"Saavedra GJ, Rodhouse KN, Dunlavy DM, Kegelmeyer PW (2019) A review of machine learning applications in fuzzing, pp 1\u201312. arXiv preprint arXiv:1906.11133"},{"key":"9306_CR115","doi-asserted-by":"publisher","unstructured":"Schumilo S, Aschermann C, Abbasi A, Worner S, Holz T (2020) HYPER-CUBE: high-dimensional hypervisor fuzzing. In: 27th Annual network and distributed system security symposium, pp 23\u201326. https:\/\/doi.org\/10.14722\/ndss.2020.23096","DOI":"10.14722\/ndss.2020.23096"},{"key":"9306_CR116","unstructured":"Schumilo S, Aschermann C, Abbasi A, W\u00f6rner S, Holz T (2021) NYX: greybox hypervisor fuzzing using fast snapshots and affine types. In: 30th USENIX security symposium"},{"key":"9306_CR117","unstructured":"Schumilo S, Aschermann C, Gawlik R, Schinzel S, Holz T (2017) kAFL: hardware-assisted feedback fuzzing for OS kernels. In: 26th USENIX security symposium, pp 167\u2013182"},{"key":"9306_CR118","doi-asserted-by":"publisher","unstructured":"Scott J, Mora F, Ganesh V (2020) Banditfuzz: a reinforcement-learning based performance fuzzer for SMT solvers. In: Software verification: 12th international conference, VSTTE 2020, and 13th international workshop, pp 68\u201386. https:\/\/doi.org\/10.1007\/978-3-030-63618-0_5","DOI":"10.1007\/978-3-030-63618-0_5"},{"key":"9306_CR119","doi-asserted-by":"publisher","unstructured":"Serebryany K (2016) Continuous fuzzing with libFuzzer and AddressSanitizer. In: 2016 IEEE cybersecurity development, pp 157\u2013157. https:\/\/doi.org\/10.1109\/secdev.2016.043","DOI":"10.1109\/secdev.2016.043"},{"key":"9306_CR120","unstructured":"Serebryany K (2017) OSS-Fuzz\u2014Google\u2019s continuous fuzzing service for open source software. In: 26th USENIX security symposium, pp 1\u201328"},{"key":"9306_CR121","doi-asserted-by":"publisher","unstructured":"She D, Shah A, Jana S (2022) Effective seed scheduling for fuzzing with graph centrality analysis. In: 2022 IEEE symposium on security and privacy, pp 2194\u20132211. https:\/\/doi.org\/10.1109\/sp46214.2022.9833761","DOI":"10.1109\/sp46214.2022.9833761"},{"key":"9306_CR122","doi-asserted-by":"publisher","first-page":"1212","DOI":"10.1007\/s11390-021-1196-0","volume":"36","author":"LY Situ","year":"2021","unstructured":"Situ LY, Zuo ZQ, Guan L, Wang LZ, Li XD, Shi J, Liu P (2021) Vulnerable region-aware greybox fuzzing. J Comput Sci Technol 36:1212\u20131228. https:\/\/doi.org\/10.1007\/s11390-021-1196-0","journal-title":"J Comput Sci Technol"},{"key":"9306_CR123","doi-asserted-by":"publisher","unstructured":"Song D, Hetzelt F, Das D, Spensky C, Na Y, Volckaert S, Vigna G, Kruegel C, Seifert JP, Franz M (2019) PeriScope: an effective probing and fuzzing framework for the hardware-OS boundary. In: Proceedings 2019 network and distributed system security symposium, pp 1\u201315. https:\/\/doi.org\/10.14722\/ndss.2019.23176","DOI":"10.14722\/ndss.2019.23176"},{"key":"9306_CR124","doi-asserted-by":"publisher","unstructured":"Stephens N, Grosen J, Salls C, Dutcher A, Wang R, Corbetta J, Shoshitaishvili Y, Kruegel C, Vigna, G (2016) Driller: augmenting fuzzing through selective symbolic execution. In: 23rd Annual network and distributed system security symposium, pp 1\u201316. https:\/\/doi.org\/10.14722\/ndss.2016.23368","DOI":"10.14722\/ndss.2016.23368"},{"key":"9306_CR125","doi-asserted-by":"publisher","unstructured":"Sun L, Li X, Qu H, Zhang X (2020) AFLTurbo: speed up path discovery for greybox fuzzing. In: 2020 IEEE 31st international symposium on software reliability engineering, pp 81\u201391. https:\/\/doi.org\/10.1109\/issre5003.2020.00017","DOI":"10.1109\/issre5003.2020.00017"},{"key":"9306_CR126","volume-title":"Fuzzing: brute force vulnerability discovery","author":"M Sutton","year":"2007","unstructured":"Sutton M, Greene A, Amini P (2007) Fuzzing: brute force vulnerability discovery. Pearson Education, London"},{"key":"9306_CR127","volume-title":"Fuzzing for software security testing and quality assurance","author":"A Takanen","year":"2018","unstructured":"Takanen A, Demott JD, Miller C, Kettunen A (2018) Fuzzing for software security testing and quality assurance. Artech House, Norwood"},{"key":"9306_CR128","unstructured":"The home for Sanitizers (2019). https:\/\/github.com\/google\/sanitizers. Accessed on 30 March 2021"},{"key":"9306_CR129","unstructured":"ThreadSanitizer (2019). https:\/\/clang.llvm.org\/docs\/ThreadSanitizer.html. Accessed on 30 March 2021"},{"key":"9306_CR130","doi-asserted-by":"publisher","unstructured":"Trickel E, Pagani F, Zhu C, Dresel L, Vigna G, Kruegel C, Wang R, Bao T, Shoshitaishvili Y, Doup\u00e9 A (2023) Toss a fault to your witcher: applying grey-box coverage-guided mutational fuzzing to detect SQL and command injection vulnerabilities. In: 2023 IEEE symposium on security and privacy (SP), pp 2658\u20132675. https:\/\/doi.org\/10.1109\/sp46215.2023.10179317","DOI":"10.1109\/sp46215.2023.10179317"},{"key":"9306_CR131","doi-asserted-by":"publisher","unstructured":"Tsankov P, Dashti MT, Basin D (2012) SECFUZZ: fuzz-testing security protocols. In: 2012 7th international workshop on automation of software test, pp 1\u20137. https:\/\/doi.org\/10.1109\/iwast.2012.6228985","DOI":"10.1109\/iwast.2012.6228985"},{"key":"9306_CR132","unstructured":"UndefinedBehaviorSanitizer. https:\/\/clang.llvm.org\/docs\/UndefinedBehaviorSanitizer.html. Accessed on 30 March 2021"},{"key":"9306_CR133","unstructured":"Viide J, Helin A, Laakso M, Pietik\u00e4inen P, Sepp\u00e4nen M, Halunen K, Puuper\u00e4 R, R\u00f6ning J (2008) Experiences with model inference assisted fuzzing. In: 2nd USENIX workshop on offensive technologies, vol 2, pp 1\u20132"},{"key":"9306_CR134","doi-asserted-by":"publisher","unstructured":"Vinesh N, Rawat S, Bos H, Giuffrida C, Sethumadhavan M (2020) Confuzz\u2014a concurrency fuzzer. In: 1st International conference on sustainable technologies for computational intelligence-proceedings of ICTSCI 2019, pp 667\u2013691. https:\/\/doi.org\/10.1007\/978-981-15-0029-9_53","DOI":"10.1007\/978-981-15-0029-9_53"},{"key":"9306_CR135","unstructured":"Vyukov D. Syzkaller. https:\/\/github.com\/google\/syzkaller. Accessed on 30 March 2021"},{"key":"9306_CR136","doi-asserted-by":"publisher","unstructured":"Wang, J, Chen B, Wei L, Liu Y (2019) Superion: grammar-aware greybox fuzzing. In: 2019 IEEE\/ACM 41st international conference on software engineering, pp 724\u2013735. https:\/\/doi.org\/10.1109\/icse.2019.00081","DOI":"10.1109\/icse.2019.00081"},{"issue":"2","key":"9306_CR137","doi-asserted-by":"publisher","first-page":"542","DOI":"10.1109\/TCYB.2017.2780274","volume":"49","author":"GG Wang","year":"2019","unstructured":"Wang GG, Tan Y (2019) Improving metaheuristic algorithms with information feedback models. IEEE Trans Cybern 49(2):542\u2013555. https:\/\/doi.org\/10.1109\/TCYB.2017.2780274","journal-title":"IEEE Trans Cybern"},{"key":"9306_CR138","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1016\/j.ins.2014.02.123","volume":"274","author":"GG Wang","year":"2014","unstructured":"Wang GG, Guo L, Gandomi AH, Hao GS, Wang H (2014) Chaotic krill herd algorithm. Inf Sci 274:17\u201334. https:\/\/doi.org\/10.1016\/j.ins.2014.02.123","journal-title":"Inf Sci"},{"key":"9306_CR139","doi-asserted-by":"publisher","first-page":"36340","DOI":"10.1109\/access.2019.2903291","volume":"7","author":"Y Wang","year":"2019","unstructured":"Wang Y, Wu Z, Wei Q, Wang Q (2019) NeuFuzz: efficient fuzzing with deep neural network. IEEE Access 7:36340\u201336352. https:\/\/doi.org\/10.1109\/access.2019.2903291","journal-title":"IEEE Access"},{"issue":"8","key":"9306_CR140","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1371\/journal.pone.0237749","volume":"15","author":"Y Wang","year":"2020","unstructured":"Wang Y, Jia P, Liu L, Huang C, Liu Z (2020) A systematic review of fuzzing based on machine learning techniques. PLoS ONE 15(8):1\u201320. https:\/\/doi.org\/10.1371\/journal.pone.0237749","journal-title":"PLoS ONE"},{"issue":"4","key":"9306_CR141","doi-asserted-by":"publisher","first-page":"257","DOI":"10.23919\/CSMS.2021.0027","volume":"1","author":"L Wang","year":"2021","unstructured":"Wang L, Pan Z, Wang J (2021) A review of reinforcement learning based intelligent optimization for manufacturing scheduling. Complex Syst Model Simul 1(4):257\u2013270. https:\/\/doi.org\/10.23919\/CSMS.2021.0027","journal-title":"Complex Syst Model Simul"},{"issue":"1","key":"9306_CR142","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s10664-020-09927-3","volume":"26","author":"X Wang","year":"2021","unstructured":"Wang X, Hu C, Ma R, Tian D, He J (2021) CMFuzz: context-aware adaptive mutation for fuzzers. Empir Softw Eng 26(1):1\u201334. https:\/\/doi.org\/10.1007\/s10664-020-09927-3","journal-title":"Empir Softw Eng"},{"key":"9306_CR143","doi-asserted-by":"publisher","first-page":"298","DOI":"10.1016\/j.ins.2022.04.053","volume":"602","author":"F Wang","year":"2022","unstructured":"Wang F, Wang X, Sun S (2022) A reinforcement learning level-based particle swarm optimization algorithm for large-scale optimization. Inf Sci 602:298\u2013312","journal-title":"Inf Sci"},{"key":"9306_CR144","doi-asserted-by":"publisher","unstructured":"Wang J, Chen B, Wei L, Liu Y (2017) Skyfire: data-driven seed generation for fuzzing. In: 2017 IEEE symposium on security and privacy, pp 579\u2013594. https:\/\/doi.org\/10.1109\/SP.2017.23","DOI":"10.1109\/SP.2017.23"},{"key":"9306_CR145","doi-asserted-by":"publisher","unstructured":"Wang Y, Jia X, Liu Y, Zeng K, Bao T, Wu D, Su P (2020) Not all coverage measurements are equal: fuzzing by coverage accounting for input prioritization. In: 27th Annual network and distributed system security symposium, pp 1\u201317. https:\/\/doi.org\/10.14722\/ndss.2020.24422","DOI":"10.14722\/ndss.2020.24422"},{"key":"9306_CR146","unstructured":"Wang Z, Liblit B, Reps T (2020) TOFU: target-orienter fuzzer. arXiv preprint arXiv:2004.14375"},{"key":"9306_CR147","doi-asserted-by":"publisher","unstructured":"Wang F, Shoshitaishvili Y (2017) Angr\u2014the next generation of binary analysis. In: 2017 IEEE cybersecurity development, pp 8\u20139. https:\/\/doi.org\/10.1109\/SecDev.2017.14","DOI":"10.1109\/SecDev.2017.14"},{"key":"9306_CR148","doi-asserted-by":"publisher","unstructured":"Wang J, Song C, Yin H (2021) Reinforcement learning-based hierarchical seed scheduling for greybox fuzzing. In: Network and distributed system security symposium, pp 1\u201317. https:\/\/doi.org\/10.14722\/ndss.2021.24486","DOI":"10.14722\/ndss.2021.24486"},{"key":"9306_CR149","doi-asserted-by":"publisher","unstructured":"Wang H, Xie X, Li Y, Wen C, Li Y, Liu Y, Qin S, Chen H, Sui Y (2020) Typestate-guided fuzzer for discovering use-after-free vulnerabilities. In: 42nd International conference on software engineering, pp 999\u20131010. https:\/\/doi.org\/10.1145\/3377811.3380386","DOI":"10.1145\/3377811.3380386"},{"key":"9306_CR150","doi-asserted-by":"publisher","unstructured":"Wang Y, Zhang C, Xiang X, Zhao Z, Li W, Gong X, Liu B, Chen K, Zou W (2018) Revery: From proof-of-concept to exploitable. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 1914\u20141927. https:\/\/doi.org\/10.1145\/3243734.3243847","DOI":"10.1145\/3243734.3243847"},{"key":"9306_CR151","unstructured":"Wang P, Zhou X, Lu K, Yue T, Liu Y (2020) Sok: the progress, challenges, and perspectives of directed greybox fuzzing. In: Challenges, and perspectives of directed greybox fuzzing"},{"key":"9306_CR152","doi-asserted-by":"publisher","unstructured":"Wen C, Wang H, Li Y, Qin S, Liu Y, Xu Z, Chen H, Xie X, Pu G, Liu T (2020) MemLock: memory usage guided fuzzing. In: 42nd International conference on software engineering, pp 765\u2013777 . https:\/\/doi.org\/10.1145\/3377811.3380396","DOI":"10.1145\/3377811.3380396"},{"key":"9306_CR153","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3428261","volume":"4","author":"D Winterer","year":"2020","unstructured":"Winterer D, Zhang C, Su Z (2020) On the unusual effectiveness of type-aware operator mutations for testing SMT solvers. Proc ACM Program Lang 4:1\u201325. https:\/\/doi.org\/10.1145\/3428261","journal-title":"Proc ACM Program Lang"},{"key":"9306_CR154","doi-asserted-by":"publisher","unstructured":"Winterer D, Zhang C, Su Z (2020) Validating SMT solvers via semantic fusion. In: Proceedings of the 41st ACM SIGPLAN conference on programming language design and implementation, pp 718\u2013730. https:\/\/doi.org\/10.1145\/3385412.3385985","DOI":"10.1145\/3385412.3385985"},{"key":"9306_CR155","doi-asserted-by":"publisher","unstructured":"Woo M, Cha SK, Gottlieb S, Brumley D (2013) Scheduling black-box mutational fuzzing. In: Proceedings of the 2013 ACM SIGSAC conference on computer and communications security, pp 511\u2013522. https:\/\/doi.org\/10.1145\/2508859.2516736","DOI":"10.1145\/2508859.2516736"},{"key":"9306_CR156","doi-asserted-by":"publisher","unstructured":"Xie X, Ma L, Juefei-Xu F, Xue M, Chen H, Liu Y, Zhao J, Li B, Yin J, See S (2019) DeepHunter: a coverage-guided fuzz testing framework for deep neural networks. In: Proceedings of the 28th ACM SIGSOFT international symposium on software testing and analysis, pp 146\u2013157. https:\/\/doi.org\/10.1021\/acs.jcim.8b00542.s002","DOI":"10.1021\/acs.jcim.8b00542.s002"},{"key":"9306_CR157","doi-asserted-by":"publisher","unstructured":"Xu M, Kashyap S, Zhao H, Kim T (2020) Krace: data race fuzzing for kernel file systems. In: 2020 IEEE symposium on security and privacy, pp 1643\u20131660. https:\/\/doi.org\/10.1109\/sp40000.2020.00078","DOI":"10.1109\/sp40000.2020.00078"},{"key":"9306_CR158","doi-asserted-by":"crossref","unstructured":"Ye G, Tang Z, Tan SH, Huang S, Fang D, Sun X, Bian L, Wang H, Wang Z (2021) Automated conformance testing for JavaScript engines via deep compiler fuzzing. In: 42nd ACM SIGPLAN conference on programming language design and implementation, pp 435\u2013450","DOI":"10.1145\/3453483.3454054"},{"key":"9306_CR159","doi-asserted-by":"publisher","unstructured":"You W, Liu X, Ma S, Perry D, Zhang X, Liang B (2019) SLF: fuzzing without valid seed inputs. In: 2019 IEEE\/ACM 41st international conference on software engineering, pp 712\u2013723. https:\/\/doi.org\/10.1109\/icse.2019.00080","DOI":"10.1109\/icse.2019.00080"},{"key":"9306_CR160","doi-asserted-by":"publisher","unstructured":"You W, Wang X, Ma S, Huang J, Zhang X, Wang X, Liang B (2019) ProFuzzer: on-the-fly input type probing for better zero-day vulnerability discovery. In: 2019 IEEE symposium on security and privacy, pp 769\u2013786. https:\/\/doi.org\/10.1109\/sp.2019.00057","DOI":"10.1109\/sp.2019.00057"},{"key":"9306_CR161","doi-asserted-by":"publisher","unstructured":"You W, Zong P, Chen K, Wang X, Liao X, Bian P, Liang B (2017) SemFuzz: semantics-based automatic generation of proof-of-concept exploits. In: Proceedings of the 2017 ACM SIGSAC conference on computer and communications security, pp 2139\u20132154. https:\/\/doi.org\/10.1145\/3133956.3134085","DOI":"10.1145\/3133956.3134085"},{"key":"9306_CR162","unstructured":"Yue T, Wang P, Tang Y, Wang E, Yu B, Lu K, Zhou X (2020) EcoFuzz: adaptive energy-saving greybox fuzzing as a variant of the adversarial multi-armed bandit. In: 29th USENIX security symposium, pp 2307\u20132324"},{"key":"9306_CR163","unstructured":"Yun I, Lee S, Xu M, Jang Y, Kim T (2018) QSYM: a practical concolic execution engine tailored for hybrid fuzzing. In: 27th USENIX security symposium, pp 745\u2013761"},{"key":"9306_CR164","unstructured":"Z3 (2015). https:\/\/en.wikipedia.org\/wiki\/Z3_Theorem_Prover. Accessed on 30 March 2021"},{"issue":"2","key":"9306_CR165","doi-asserted-by":"publisher","first-page":"405","DOI":"10.1007\/s11390-021-1600-9","volume":"37","author":"G Zhang","year":"2022","unstructured":"Zhang G, Wang PF, Yue T, Kong XD, Zhou X, Lu K (2022) ovAFLow: detecting memory corruption bugs with fuzzing-based taint inference. J Comput Sci Technol 37(2):405\u2013422. https:\/\/doi.org\/10.1007\/s11390-021-1600-9","journal-title":"J Comput Sci Technol"},{"issue":"11","key":"9306_CR166","doi-asserted-by":"publisher","first-page":"4630","DOI":"10.1109\/TSE.2021.3124006","volume":"48","author":"P Zhang","year":"2022","unstructured":"Zhang P, Ren B, Dong H, Dai Q (2022) CAGFuzz: coverage-guided adversarial generative fuzzing testing for image-based deep learning systems. IEEE Trans Softw Eng 48(11):4630\u20134646. https:\/\/doi.org\/10.1109\/TSE.2021.3124006","journal-title":"IEEE Trans Softw Eng"},{"key":"9306_CR167","doi-asserted-by":"publisher","unstructured":"Zhang Q, Wang Y, Li J, Ma S (2020) Ethploit: from fuzzing to efficient exploit generation against smart contracts. In: 2020 IEEE 27th international conference on software analysis, evolution and reengineering, pp 116\u2013126. https:\/\/doi.org\/10.1109\/SANER48275.2020.9054822","DOI":"10.1109\/SANER48275.2020.9054822"},{"key":"9306_CR168","doi-asserted-by":"publisher","unstructured":"Zhang G, Wang P, Yue T, Kong X, Huang S, Zhou X, Lu K (2022) MobFuzz: adaptive multi-objective optimization in gray-box fuzzing. In: Network and distributed systems security symposium 2022, pp 1\u201318. https:\/\/doi.org\/10.14722\/ndss.2022.24314","DOI":"10.14722\/ndss.2022.24314"},{"key":"9306_CR169","doi-asserted-by":"publisher","unstructured":"Zhang Y, Wang Z, Yu W, Fang B (2021) Multi-level directed fuzzing for detecting use-after-free vulnerabilities. In: 2021 IEEE 20th international conference on trust, security and privacy in computing and communications, pp 569\u2013576. https:\/\/doi.org\/10.1109\/trustcom53373.2021.00087","DOI":"10.1109\/trustcom53373.2021.00087"},{"key":"9306_CR170","doi-asserted-by":"publisher","first-page":"1","DOI":"10.3390\/math9030205","volume":"9","author":"X Zhao","year":"2021","unstructured":"Zhao X, Qu H, Lv W, Li S, Xu J (2021) MooFuzz: many-objective optimization seed schedule for fuzzer. Mathematics 9:1\u201319. https:\/\/doi.org\/10.3390\/math9030205","journal-title":"Mathematics"},{"key":"9306_CR171","doi-asserted-by":"publisher","unstructured":"Zhao X, Qu H, Xu J, Li S, Wang GG (2022) AMSFuzz: an adaptive mutation schedule for fuzzing. Expert Syst Appl 208:1\u201311. https:\/\/doi.org\/10.1016\/j.eswa.2022.118162","DOI":"10.1016\/j.eswa.2022.118162"},{"key":"9306_CR172","doi-asserted-by":"publisher","unstructured":"Zhao L, Duan Y, Yin H, Xuan J (2019) Send hardest problems my way: probabilistic path prioritization for hybrid fuzzing. In: Proceedings 2019 network and distributed system security symposium. https:\/\/doi.org\/10.14722\/ndss.2019.23504","DOI":"10.14722\/ndss.2019.23504"},{"key":"9306_CR173","doi-asserted-by":"publisher","unstructured":"Zhao H, Li Z, Wei H, Shi J, Huang Y (2019) SeqFuzzer: an industrial protocol fuzzing framework from a deep learning perspective. In: 2019 12th IEEE conference on software testing, validation and verification, pp 59\u201367. https:\/\/doi.org\/10.1109\/ICST.2019.00016","DOI":"10.1109\/ICST.2019.00016"},{"key":"9306_CR174","doi-asserted-by":"publisher","unstructured":"Zhou C, Wang M, Liang J, Liu Z, Jiang Y (2020) Zeror: speed up fuzzing with coverage-sensitive tracing and scheduling. In: 2020 35th IEEE\/ACM international conference on automated software engineering, pp 858\u2013870. https:\/\/doi.org\/10.1145\/3324884.3416572","DOI":"10.1145\/3324884.3416572"},{"key":"9306_CR175","unstructured":"Zlewski C. American Fuzzy Lop. http:\/\/lcamtuf.coredump.cx\/afl. Accessed on 1 March 2021"}],"container-title":["Soft Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-023-09306-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00500-023-09306-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00500-023-09306-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,29]],"date-time":"2024-02-29T14:19:49Z","timestamp":1709216389000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00500-023-09306-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,31]]},"references-count":175,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2024,3]]}},"alternative-id":["9306"],"URL":"https:\/\/doi.org\/10.1007\/s00500-023-09306-2","relation":{},"ISSN":["1432-7643","1433-7479"],"issn-type":[{"value":"1432-7643","type":"print"},{"value":"1433-7479","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,31]]},"assertion":[{"value":"25 September 2023","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"31 October 2023","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}