{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,8]],"date-time":"2025-07-08T04:09:51Z","timestamp":1751947791508,"version":"3.41.2"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T00:00:00Z","timestamp":1748736000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"},{"start":{"date-parts":[[2025,6,2]],"date-time":"2025-06-02T00:00:00Z","timestamp":1748822400000},"content-version":"vor","delay-in-days":1,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62172305"],"award-info":[{"award-number":["62172305"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J. King Saud Univ. Comput. Inf. Sci."],"published-print":{"date-parts":[[2025,6]]},"DOI":"10.1007\/s44443-025-00050-1","type":"journal-article","created":{"date-parts":[[2025,6,2]],"date-time":"2025-06-02T10:38:14Z","timestamp":1748860694000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["RIMFuzz: real-time impact-aware mutation for library API fuzzing"],"prefix":"10.1007","volume":"37","author":[{"given":"Xiaoke","family":"Wang","sequence":"first","affiliation":[]},{"given":"Lei","family":"Zhao","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,6,2]]},"reference":[{"key":"50_CR1","doi-asserted-by":"crossref","unstructured":"Atlidakis V, Godefroid P, Polishchuk M (2019) Restler: Stateful rest api fuzzing, In: 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE) IEEE, pp 748\u2013758","DOI":"10.1109\/ICSE.2019.00083"},{"key":"50_CR2","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1023\/A:1013689704352","volume":"47","author":"P Auer","year":"2002","unstructured":"Auer P, Cesa-Bianchi N, Fischer P (2002) Finite-time analysis of the multiarmed bandit problem. Mach Learn 47:235\u2013256","journal-title":"Mach Learn"},{"key":"50_CR3","doi-asserted-by":"crossref","unstructured":"Babi\u0107 D, Bucur S, Chen Y, Ivan\u010di\u0107 F, King T, Kusano M, Lemieux C, Szekeres L, Wang W (2019) Fudge: fuzz driver generation at scale, In: Proceedings of the 2019 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering , pp 975\u2013985","DOI":"10.1145\/3338906.3340456"},{"key":"50_CR4","doi-asserted-by":"crossref","unstructured":"B\u00f6hme M, Pham VT, Roychoudhury A (2016) Coverage-based greybox fuzzing as markov chain, In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp 1032\u20131043","DOI":"10.1145\/2976749.2978428"},{"key":"50_CR5","volume-title":"No Grammar","author":"A Bulekov","year":"2023","unstructured":"Bulekov A, Das B, Hajnoczi S, Egele M (2023) No Grammar. Towards Fuzzing the Linux Kernel without System-Call Descriptions., in NDSS, No Problem"},{"key":"50_CR6","doi-asserted-by":"crossref","unstructured":"Chen P, Xie Y, Lyu Y, Wang Y, Chen H (2023) Hopper: Interpretative Fuzzing for Libraries, In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (2023), pp 1600\u20131614","DOI":"10.1145\/3576915.3616610"},{"key":"50_CR7","unstructured":"ClangGcov (2023) Clang compiler user\u2019s manual: Gcov-based profiling. https:\/\/clang.llvm.org\/docs\/UsersManual.html#gcov-based-profiling. Accessed August 24, 2023"},{"key":"50_CR8","unstructured":"ClangSourceCov (2024) Clang: Source-based code coverage. https:\/\/clang.llvm.org\/docs\/SourceBasedCodeCoverage.html. Accessed January 14, 2024"},{"key":"50_CR9","doi-asserted-by":"crossref","unstructured":"Deng Y, Xia CS, Peng H, Yang C, Zhang L (2023) Large Language Models Are Zero-Shot Fuzzers: Fuzzing Deep-Learning Libraries via Large Language Models, In: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp 423\u2013435","DOI":"10.1145\/3597926.3598067"},{"key":"50_CR10","doi-asserted-by":"crossref","unstructured":"Durumeric Z, Li F, Kasten J, Amann J, Beekman J, Payer M, Weaver N, Adrian D, Paxson V, Bailey M, et\u00a0al (2014) The matter of heartbleed, In: Proceedings of the 2014 conference on internet measurement conference, pp 475\u2013488","DOI":"10.1145\/2663716.2663755"},{"key":"50_CR11","unstructured":"Gan S, Zhang C, Chen P, Zhao B, Qin X, Wu D, Chen Z (2020) $$\\{$$GREYONE$$\\}$$: Data flow sensitive fuzzing, In: 29th USENIX security symposium (USENIX Security 20), pp 2577\u20132594"},{"key":"50_CR12","doi-asserted-by":"crossref","unstructured":"Gan S, Zhang C, Qin X, Tu X, Li K, Pei Z, Chen Z (2018) Collafl: Path sensitive fuzzing, in 2018 IEEE Symposium on Security and Privacy (SP) IEEE, pp 679\u2013696","DOI":"10.1109\/SP.2018.00040"},{"key":"50_CR13","doi-asserted-by":"crossref","unstructured":"Green H, Avgerinos T (2022) GraphFuzz: library API fuzzing with lifetime-aware dataflow graphs, In: Proceedings of the 44th International Conference on Software Engineering, pp 1070\u20131081","DOI":"10.1145\/3510003.3510228"},{"key":"50_CR14","doi-asserted-by":"crossref","unstructured":"Gu Z, Wu J, Liu J, Zhou M, Gu M (2019) An empirical study on api-misuse bugs in open-source C programs, In: 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC), vol\u00a01 IEEE, pp 11\u201320","DOI":"10.1109\/COMPSAC.2019.00012"},{"key":"50_CR15","unstructured":"Ispoglou KK, Austin D, Mohan V, Payer M (2020) Fuzzgen: Automatic fuzzer generation, In: Proceedings of the 29th USENIX Conference on Security Symposium , pp 2271\u20132287"},{"key":"50_CR16","doi-asserted-by":"crossref","unstructured":"Jang J, Kim HK (2019) FuzzBuilder: Automated building greybox fuzzing environment for C\/C++ library, In: Proceedings of the 35th Annual Computer Security Applications Conference, pp 627\u2013637","DOI":"10.1145\/3359789.3359846"},{"key":"50_CR17","doi-asserted-by":"crossref","unstructured":"Jeong B, Jang J, Yi H, Moon J, Kim J, Jeon I, Kim T, Shim W, Hwang YH (2022) UTOPIA: Automatic Generation of Fuzz Driver using Unit Tests, In: 2023 IEEE Symposium on Security and Privacy (SP) (IEEE Computer Society), pp 746\u2013762","DOI":"10.1109\/SP46215.2023.10179394"},{"key":"50_CR18","doi-asserted-by":"crossref","unstructured":"Jiang J, Xu H, Zhou Y (2021) RULF: Rust library fuzzing via API dependency graph traversal, In: 2021 36th IEEE\/ACM International Conference on Automated Software Engineering (ASE) IEEE, pp 581\u2013592","DOI":"10.1109\/ASE51524.2021.9678813"},{"key":"50_CR19","doi-asserted-by":"crossref","unstructured":"Jung J, Tong S, Hu H, Lim J, Jin Y, Kim T (2021) WINNIE: fuzzing Windows applications with harness synthesis and fast cloning, In: Proceedings of the 2021 Network and Distributed System Security Symposium (NDSS 2021)","DOI":"10.14722\/ndss.2021.24334"},{"key":"50_CR20","doi-asserted-by":"crossref","unstructured":"Klees G, Ruef A, Cooper B, Wei S, Hicks M (2018) Evaluating fuzz testing, In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 2123\u20132138","DOI":"10.1145\/3243734.3243804"},{"key":"50_CR21","doi-asserted-by":"crossref","unstructured":"Lemieux C, Sen K (2018) Fairfuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage, In: Proceedings of the 33rd ACM\/IEEE international conference on automated software engineering, pp 475\u2013485","DOI":"10.1145\/3238147.3238176"},{"key":"50_CR22","doi-asserted-by":"crossref","unstructured":"Li Z, Machiry A, Chen B, Naik M, Wang K, Song L (2021) Arbitrar: User-guided api misuse detection, In: 2021 IEEE Symposium on Security and Privacy (SP) IEEE, pp 1400\u20131415","DOI":"10.1109\/SP40001.2021.00090"},{"issue":"6","key":"50_CR23","doi-asserted-by":"publisher","first-page":"2193","DOI":"10.1016\/j.physa.2011.12.004","volume":"391","author":"A Lipowski","year":"2012","unstructured":"Lipowski A, Lipowska D (2012) Roulette-wheel selection via stochastic acceptance. Phys A: Stat Mech Appl 391(6):2193\u20132196","journal-title":"Phys A: Stat Mech Appl"},{"key":"50_CR24","doi-asserted-by":"crossref","unstructured":"Liu Y, Li Y, Deng G, Liu Y, Wan R, Wu R, Ji D, Xu S, Bao M (2022) Morest: model-based RESTful API testing with execution feedback, In: Proceedings of the 44th International Conference on Software Engineering, pp 1406\u20131417","DOI":"10.1145\/3510003.3510133"},{"key":"50_CR25","doi-asserted-by":"crossref","unstructured":"Liu Y, Wang Y, Bao T, Jia X, Zhang Z, Su P (2023) AFGen: Whole-Function Fuzzing for Applications and Libraries, In: 2024 IEEE Symposium on Security and Privacy (SP) (IEEE Computer Society), pp 11\u201311","DOI":"10.1109\/SP54263.2024.00011"},{"key":"50_CR26","doi-asserted-by":"crossref","unstructured":"Lv T, Li R, Yang Y, Chen K, Liao X, Wang X, Hu P, Xing L (2020) Rtfm! automatic assumption discovery and verification derivation from library document for api misuse detection, In: Proceedings of the 2020 ACM SIGSAC conference on computer and communications security, pp 1837\u20131852","DOI":"10.1145\/3372297.3423360"},{"key":"50_CR27","unstructured":"Lyu C, Ji S, Zhang C, Li Y, Lee WH, Song Y, Beyah R (2019) $$\\{$$MOPT$$\\}$$: Optimized mutation scheduling for fuzzers, In: 28th USENIX Security Symposium (USENIX Security 19), pp 1949\u20131966"},{"key":"50_CR28","doi-asserted-by":"crossref","unstructured":"Lyu Y, Xie Y, Chen P, Chen H (2024) Prompt fuzzing for fuzz driver generation. arXiv:2312.17677","DOI":"10.1145\/3658644.3670396"},{"key":"50_CR29","unstructured":"OpenSSL (2023) Openssl - cryptography and ssl\/tls toolkit. https:\/\/www.openssl.org\/. Accessed August 23, 2023"},{"key":"50_CR30","unstructured":"OSS-Fuzz (2023) Oss-fuzz - continuous fuzzing for open source software. https:\/\/github.com\/google\/oss-fuzz\/ . Accessed August 21, 2023"},{"key":"50_CR31","unstructured":"Pailoor S, Aday A, Jana S (2018) $$\\{$$MoonShine$$\\}$$: Optimizing $$\\{$$OS$$\\}$$ fuzzer seed selection with trace distillation, In: 27th USENIX Security Symposium (USENIX Security 18), pp 729\u2013743"},{"key":"50_CR32","unstructured":"Serebryany K (2015) libfuzzer-a library for coverage-guided fuzz testing. https:\/\/llvm.org\/docs\/LibFuzzer.html\/. LLVM project"},{"key":"50_CR33","unstructured":"Skia (2023) Skia: The 2d graphics library. https:\/\/skia.org\/. Accessed September 4, 2023"},{"key":"50_CR34","doi-asserted-by":"crossref","unstructured":"Sun H, Shen Y, Wang C, Liu J, Jiang Y, Chen T, Cui A (2021) Healer: Relation learning guided kernel fuzzing, In: Proceedings of the ACM SIGOPS 28th Symposium on Operating Systems Principles , pp 344\u2013358","DOI":"10.1145\/3477132.3483547"},{"key":"50_CR35","doi-asserted-by":"crossref","unstructured":"Takashima Y, Martins R, Jia L, P\u0103s\u0103reanu CS (2021) Syrust: automatic testing of rust libraries with semantic-aware program synthesis, In: Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pp 899\u2013913","DOI":"10.1145\/3453483.3454084"},{"key":"50_CR36","doi-asserted-by":"crossref","unstructured":"Wang Y, Jia X, Liu Y, Zeng K, Bao T, Wu D, Su P (2020) Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization., in NDSS","DOI":"10.14722\/ndss.2020.24422"},{"key":"50_CR37","doi-asserted-by":"crossref","unstructured":"Wang Z, Yan M, Chen J, Liu S, Zhang D (2020) Deep learning library testing via effective model generation, In: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp 788\u2013799","DOI":"10.1145\/3368089.3409761"},{"key":"50_CR38","doi-asserted-by":"crossref","unstructured":"Wang X, Zhao L (2023) APICAD: Augmenting API Misuse Detection through Specifications from Code and Documents, In: 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE), pp 245\u2013256","DOI":"10.1109\/ICSE48619.2023.00032"},{"key":"50_CR39","doi-asserted-by":"crossref","unstructured":"Wei A, Deng Y, Yang C, Zhang L (2022) Free lunch for testing: Fuzzing deep-learning libraries from open source, In: Proceedings of the 44th International Conference on Software Engineering, pp 995\u20131007","DOI":"10.1145\/3510003.3510041"},{"key":"50_CR40","doi-asserted-by":"crossref","unstructured":"Xie D, Li Y, Kim M, Pham HV, Tan L, Zhang X, Godfrey MW (2022) DocTer: documentation-guided fuzzing for testing deep\u00a0learning API functions, In: Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, pp 176\u2013188","DOI":"10.1145\/3533767.3534220"},{"key":"50_CR41","doi-asserted-by":"crossref","unstructured":"Yuan Z, Liu M, Ding S, Wang K, Chen Y, Peng X, Lou Y (2024) Evaluating and improving chatgpt for unit test generation. Proceed ACM Softw Eng 1(FSE):1703\u20131726","DOI":"10.1145\/3660783"},{"key":"50_CR42","unstructured":"Yue T, Wang P, Tang Y, Wang E, Yu B, Lu K, Zhou X (2020) $$\\{$$EcoFuzz$$\\}$$: Adaptive $$\\{$$Energy-Saving$$\\}$$ greybox fuzzing as a variant of the adversarial $$\\{$$Multi-Armed$$\\}$$ bandit, In: 29th USENIX Security Symposium (USENIX Security 20) , pp 2307\u20132324"},{"key":"50_CR43","unstructured":"Yun I, Min C, Si X, Jang Y, Kim T, Naik M (2016) $$\\{$$APISan$$\\}$$: Sanitizing $$\\{$$API$$\\}$$ Usages through Semantic $$\\{$$Cross-Checking$$\\}$$, in 25th USENIX Security Symposium (USENIX Security 16), pp 363\u2013378"},{"key":"50_CR44","unstructured":"Zalewski M (2017) American fuzzy lop. http:\/\/lcamtuf.coredump.cx\/afl\/"},{"key":"50_CR45","unstructured":"Zhang C, Lin X, Li Y, Xue Y, Xie J, Chen H, Ying X, Wang J, Liu Y (2021) APICraft: Fuzz Driver Generation for Closed-source SDK Libraries., In: USENIX Security Symposium, pp 2811\u20132828"},{"key":"50_CR46","unstructured":"Zhang C, Li Y, Zhou H, Zhang X, Zheng Y, Zhan X, Xie X, Luo X, Li X, Liu Y, Habib SM (2023) Automata-guided control-flow-sensitive fuzz driver generation, In: Proceedings of the 32nd USENIX Conference on Security Symposium, pp 2867\u20132884"},{"key":"50_CR47","doi-asserted-by":"crossref","unstructured":"Zhang C, Zheng Y, Bai M, Li Y, Ma W, Xie X, Li Y, Sun L, Liu Y (2024) How Effective Are They? Exploring Large Language Model Based Fuzz Driver Generation, In: Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis, pp 1223\u20131235","DOI":"10.1145\/3650212.3680355"},{"key":"50_CR48","doi-asserted-by":"crossref","unstructured":"Zhang M, Zhou C, Liu J, Wang M, Liang J, Zhu J, Jiang Y (2023) Daisy: Effective Fuzz Driver Synthesis with Object Usage Sequence Analysis, In: 2023 IEEE\/ACM 45th International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP) IEEE , pp 87\u201398","DOI":"10.1109\/ICSE-SEIP58684.2023.00013"},{"key":"50_CR49","doi-asserted-by":"crossref","unstructured":"Zhao L, Duan Y, Yin H, Xuan J (2019) Send hardest problems my way: Probabilistic path prioritization for hybrid fuzzing., in NDSS","DOI":"10.14722\/ndss.2019.23504"},{"key":"50_CR50","doi-asserted-by":"crossref","unstructured":"Zhao Y, Wang X, Zhao L, Cheng Y, Yin H (2022) Alphuzz: Monte carlo search on seed-mutation tree for coverage-guided fuzzing, In: Proceedings of the 38th Annual Computer Security Applications Conference, pp 534\u2013547","DOI":"10.1145\/3564625.3564660"}],"container-title":["Journal of King Saud University Computer and Information Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44443-025-00050-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s44443-025-00050-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s44443-025-00050-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,7]],"date-time":"2025-07-07T13:03:19Z","timestamp":1751893399000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s44443-025-00050-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6]]},"references-count":50,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,6]]}},"alternative-id":["50"],"URL":"https:\/\/doi.org\/10.1007\/s44443-025-00050-1","relation":{},"ISSN":["1319-1578","2213-1248"],"issn-type":[{"type":"print","value":"1319-1578"},{"type":"electronic","value":"2213-1248"}],"subject":[],"published":{"date-parts":[[2025,6]]},"assertion":[{"value":"24 February 2025","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"29 April 2025","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 June 2025","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"We declare that we have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Competing Interest"}}],"article-number":"52"}}