{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T18:43:28Z","timestamp":1772045008341,"version":"3.50.1"},"reference-count":60,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-009"},{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-001"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5]]},"DOI":"10.1109\/sp46215.2023.10179296","type":"proceedings-article","created":{"date-parts":[[2023,7,21]],"date-time":"2023-07-21T17:18:15Z","timestamp":1689959895000},"page":"2693-2707","source":"Crossref","is-referenced-by-count":38,"title":["SelectFuzz: Efficient Directed Fuzzing with Selective Path Exploration"],"prefix":"10.1109","author":[{"given":"Changhua","family":"Luo","sequence":"first","affiliation":[{"name":"Chinese University of Hong Kong,Hong Kong SAR,China"}]},{"given":"Wei","family":"Meng","sequence":"additional","affiliation":[{"name":"Chinese University of Hong Kong,Hong Kong SAR,China"}]},{"given":"Penghui","family":"Li","sequence":"additional","affiliation":[{"name":"Chinese University of Hong Kong,Hong Kong SAR,China"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243849"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833751"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484596"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2877664"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134085"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510197"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/IPCCC47392.2019.8958740"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/ICSESS.2015.7339071"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.23919\/JCC.2021.08.001"},{"key":"ref10","article-title":"Binary-level directed fuzzing for use-after-free vulnerabilitie","volume-title":"International Symposium on Research in Attacks, Intrusions and Defense","author":"Nguyen"},{"key":"ref11","article-title":"Symsan : Time and space efficient concolic execution via dynamic data-flow analysis","volume-title":"Proceedings of the 31st USENIX Security Symposium (Security)","author":"Chen"},{"key":"ref12","article-title":"Constraint-guided directed greybox fuzzingg","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security), Virtual Event","author":"Lee"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2019.00066"},{"key":"ref14","doi-asserted-by":"crossref","DOI":"10.1145\/3377811.3380388","article-title":"Targeted greybox fuzzing with static lookahead analysis","volume-title":"Proceedings of the 42nd International Conference on Software Engineering (ICSE)","author":"W\u00fcstholz"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833563"},{"key":"ref16","article-title":"Directed greybox fuzzing","volume-title":"Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS)","author":"Pham"},{"key":"ref17","article-title":"Fuzzguard: Filtering out unreachable inputs in directed grey-box fuzzing through deep learning","volume-title":"Proceedings of the 29th USENIX Security Symposium (Security), Virtual Event","author":"Zong"},{"key":"ref18","article-title":"american fuzzy lop","author":"Zalewski","year":"2021"},{"key":"ref19","article-title":"Fuze: Towards facilitating exploit generation for kernel use-after-free vulnerabilities","volume-title":"Proceedings of the 27th USENIX Security Symposium (Security)","author":"Wu"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510082"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/3488932.3501276"},{"key":"ref22","article-title":"razor: A framework for post-deployment software debloating","volume-title":"Proceedings of the 28th USENIX Security Symposium (Security)","author":"Qian"},{"key":"ref23","article-title":"Debloating software through {Piece-Wise} compilation and loading","volume-title":"Proceedings of the 27th USENIX Security Symposium (Security)","author":"Quach"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00069"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484787"},{"key":"ref26","article-title":"Google\u2019s fuzzer-test-suite","year":"2022"},{"key":"ref27","article-title":"Parmesan : Sanitizer-guided greybox fuzzing","volume-title":"Proceedings of the 29th USENIX Security Symposium (Security), Virtual Event","author":"\u00d6sterlund"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24422"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00040"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00024"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3460120.3484596"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/3487075.3487124"},{"key":"ref33","doi-asserted-by":"crossref","DOI":"10.1145\/3319535.3363275","article-title":"Poster: Directed hybrid fuzzing on binary code","volume-title":"Proceedings of the 28th ACM Conference on Computer and Communications Security (CCS), Virtual Event","author":"Kim"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1155\/2020\/7698916"},{"key":"ref35","article-title":"Aflgo: Directing afl to reach specific target locations","year":"2013"},{"key":"ref36","article-title":"The use of likely invariants as feedback for fuzzers","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security), Virtual Event","author":"Fioraldi"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24419"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-27776-7_24"},{"key":"ref39","article-title":"Program analysis and specialization for the c programming language","volume-title":"Ph.D. dissertation","author":"Andersen","year":"1994"},{"key":"ref40","article-title":"Temporal system call specialization for attack surface reduction","volume-title":"Proceedings of the 29th USENIX Security Symposium (Security), Virtual Event","author":"Ghavamnia"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833613"},{"key":"ref42","article-title":"Optimizing seed selection for fuzzing","volume-title":"Proceedings of the 23rd USENIX Security Symposium (Security)","author":"Rebert"},{"key":"ref43","article-title":"Beacon docker image","year":"2022"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.24311"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00046"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833594"},{"key":"ref47","article-title":"Greyone: Data flow sensitive fuzzing","volume-title":"Proceedings of the 29th USENIX Security Symposium (Security), Virtual Event","author":"Gan"},{"key":"ref48","article-title":"Qsym: A practical concolic execution engine tailored for hybrid fuzzing","volume-title":"Proceedings of the 27th USENIX Security Symposium (Security)","author":"Yun"},{"key":"ref49","article-title":"Aflchurn benchmark","year":"2022"},{"key":"ref50","article-title":"Angora in boringssl","year":"2022"},{"key":"ref51","doi-asserted-by":"publisher","DOI":"10.1002\/stvr.1486"},{"key":"ref52","article-title":"Cve database","year":"2022"},{"key":"ref53","article-title":"Cve-2018-20662","year":"2018"},{"key":"ref54","article-title":"Oss-fuzz","year":"2021"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53413-7_5"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23368"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2022.23162"},{"key":"ref58","article-title":"Katch : High-coverage testing of software patches categories and subject descriptors","volume-title":"Proceedings of the 18th European Software Engineering Conference (ESEC) \/ 21st ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE)","author":"Marinescu"},{"key":"ref59","article-title":"Dowser : a guided fuzzer to find buffer overflow vulnerabilities","volume-title":"Proceedings of the 22nd USENIX Security Symposium (Security)","author":"Haller"},{"key":"ref60","article-title":"Selectivetaint: Efficient data flow tracking with static binary rewriting","volume-title":"Proceedings of the 30th USENIX Security Symposium (Security), Virtual Event","author":"Chen"}],"event":{"name":"2023 IEEE Symposium on Security and Privacy (SP)","location":"San Francisco, CA, USA","start":{"date-parts":[[2023,5,21]]},"end":{"date-parts":[[2023,5,25]]}},"container-title":["2023 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10179215\/10179280\/10179296.pdf?arnumber=10179296","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,20]],"date-time":"2024-07-20T05:17:35Z","timestamp":1721452655000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10179296\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5]]},"references-count":60,"URL":"https:\/\/doi.org\/10.1109\/sp46215.2023.10179296","relation":{},"subject":[],"published":{"date-parts":[[2023,5]]}}}