{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,18]],"date-time":"2026-01-18T02:57:59Z","timestamp":1768705079227,"version":"3.49.0"},"reference-count":69,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"3","license":[{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61772308"],"award-info":[{"award-number":["61772308"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61972224"],"award-info":[{"award-number":["61972224"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1736209"],"award-info":[{"award-number":["U1736209"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"BNRist Network and Software Security Research Program","award":["BNR2019TD01004"],"award-info":[{"award-number":["BNR2019TD01004"]}]},{"name":"BNRist Network and Software Security Research Program","award":["BNR2019RC01009"],"award-info":[{"award-number":["BNR2019RC01009"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2022,5,1]]},"DOI":"10.1109\/tdsc.2020.3027690","type":"journal-article","created":{"date-parts":[[2020,9,29]],"date-time":"2020-09-29T21:02:46Z","timestamp":1601413366000},"page":"1544-1561","source":"Crossref","is-referenced-by-count":8,"title":["Path Sensitive Fuzzing for Native Applications"],"prefix":"10.1109","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6083-9049","authenticated-orcid":false,"given":"Shuitao","family":"Gan","sequence":"first","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi, Jiangsu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7894-8828","authenticated-orcid":false,"given":"Chao","family":"Zhang","sequence":"additional","affiliation":[{"name":"Institute for Network Science and Cyberspace, Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaojun","family":"Qin","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi, Jiangsu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xuwen","family":"Tu","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi, Jiangsu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3985-6116","authenticated-orcid":false,"given":"Kang","family":"Li","sequence":"additional","affiliation":[{"name":"Anonymous University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhongyu","family":"Pei","sequence":"additional","affiliation":[{"name":"Institute for Network Science and Cyberspace, Tsinghua University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zuoning","family":"Chen","sequence":"additional","affiliation":[{"name":"State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi, Jiangsu, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00040"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866370"},{"key":"ref5","article-title":"The info leak era on software exploitation","author":"Serna","year":"2012","journal-title":"Blackhat USA"},{"key":"ref6","article-title":"OSS-Fuzz - Google\u2019s continuous fuzzing service for open source software","author":"Serebryany","year":"2017"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2016.043"},{"key":"ref8","article-title":"Honggfuzz","author":"Swiecki","year":"2016"},{"key":"ref9","article-title":"OSS-Fuzz: Five months later, and rewarding projects"},{"key":"ref10","article-title":"SanitizerCoverage: Clang documentation"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23404"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/1064978.1065034"},{"key":"ref13","article-title":"American fuzzy lop","author":"Zalewski"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134020"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978428"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00046"},{"key":"ref17","first-page":"1949","article-title":"MOPT: Optimized mutation scheduling for fuzzers","volume-title":"Proc. 28th USENIX Secur. Symp.","author":"Lyu"},{"key":"ref18","article-title":"FairFuzz: Targeting rare branches to rapidly increase greybox fuzz testing coverage","author":"Lemieux","year":"2017"},{"key":"ref19","article-title":"WinAFL: A fork of AFL for fuzzing Windows binaries"},{"key":"ref20","article-title":"AFL-dyninst"},{"key":"ref21","article-title":"TriforceAFL"},{"key":"ref22","first-page":"167","article-title":"kAFL: Hardware-assisted feedback fuzzing for OS kernels","volume-title":"Proc. 26th USENIX Secur. Symp.","author":"Schumilo"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23368"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00052"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00056"},{"key":"ref26","article-title":"libdyninst"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.15"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/1375581.1375607"},{"key":"ref29","article-title":"Peach fuzzing platform","author":"Eddington","year":"2011","journal-title":"Peach Fuzzer"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.21236\/ADA610472"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134103"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.23"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134069"},{"key":"ref34","article-title":"Learn&fuzz: Machine learning for input fuzzing","volume-title":"CoRR","volume":"abs\/1701.07232","author":"Godefroid","year":"2017"},{"key":"ref35","article-title":"Faster fuzzing: Reinitialization with deep neural models","volume-title":"CoRR","volume":"abs\/1711.02807","author":"Nichols","year":"2017"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2008.4630093"},{"key":"ref37","article-title":"Not all bytes are equal: Neural byte sieve for fuzzing","volume-title":"CoRR","volume":"abs\/1711.04596","author":"Rajpal","year":"2017"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.37"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00040"},{"key":"ref40","article-title":"Circumventing fuzzing roadblocks with compiler transformations"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2019.23371"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134046"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2019.00069"},{"key":"ref44","article-title":"syzkaller - kernel fuzzer"},{"key":"ref45","first-page":"309","article-title":"AddressSanitizer: A fast address sanity checker","volume-title":"Proc. USENIX Annu. Tech. Conf.","author":"Serebryany"},{"key":"ref46","first-page":"81","article-title":"Type casting verification: Stopping an emerging attack vector","volume-title":"Proc. USENIX Secur. Symp.","author":"Lee"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2015.7054186"},{"key":"ref48","article-title":"New features in AddressSanitizer","author":"Samsonov","year":"2013"},{"key":"ref49","article-title":"DataFlowSanitizer"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1145\/1791194.1791203"},{"key":"ref51","first-page":"186","article-title":"Venerable variadic vulnerabilities vanquished","author":"Biswas","year":"2017"},{"key":"ref52","first-page":"1","article-title":"Be sensitive and collaborative: Analyzing impact of coverage metrics in greybox fuzzing","volume-title":"Proc. 22nd Int. Symp. Res. Attacks Intrusions Defenses","author":"Wang"},{"key":"ref53","article-title":"Context-sensitive coverage"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45961-8_12"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106258"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134073"},{"key":"ref57","first-page":"125","article-title":"Devirtualization in GCC","volume-title":"Proc. GCC Developers Summit","author":"Namolaru"},{"key":"ref58","article-title":"Efficient, transparent and comprehensive runtime code manipulation","author":"Bruening","year":"2004"},{"key":"ref59","first-page":"2","article-title":"Using valgrind to detect undefined value errors with bit-precision","volume-title":"Proc. Annu. Conf. USENIX Annu. Tech. Conf.","author":"Seward"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1145\/1064978.1065034"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106295"},{"key":"ref62","article-title":"Utilities for automated crash sample processing\/analysis"},{"key":"ref63","article-title":"The \u2019exploitable\u2019 GDB plugin"},{"key":"ref64","article-title":"Gcov"},{"key":"ref65","article-title":"afl-cov"},{"key":"ref66","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243804"},{"key":"ref67","article-title":"Mann-whitney_U_test"},{"key":"ref68","article-title":"Effective file format fuzzing","year":"2016"},{"key":"ref69","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3473932"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8858\/9773152\/09208709.pdf?arnumber=9208709","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,9]],"date-time":"2024-01-09T23:08:51Z","timestamp":1704841731000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9208709\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,1]]},"references-count":69,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2020.3027690","relation":{},"ISSN":["1545-5971","1941-0018","2160-9209"],"issn-type":[{"value":"1545-5971","type":"print"},{"value":"1941-0018","type":"electronic"},{"value":"2160-9209","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,1]]}}}