{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,20]],"date-time":"2026-06-20T10:59:38Z","timestamp":1781953178141,"version":"3.54.5"},"reference-count":226,"publisher":"Pleiades Publishing Ltd","issue":"1","license":[{"start":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T00:00:00Z","timestamp":1706745600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,2,1]],"date-time":"2024-02-01T00:00:00Z","timestamp":1706745600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Program Comput Soft"],"published-print":{"date-parts":[[2024,2]]},"DOI":"10.1134\/s0361768824010079","type":"journal-article","created":{"date-parts":[[2024,5,22]],"date-time":"2024-05-22T05:01:42Z","timestamp":1716354102000},"page":"90-114","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Survey of Software Dynamic Analysis Methods"],"prefix":"10.1134","volume":"50","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3439-9534","authenticated-orcid":false,"given":"V. V.","family":"Kuliamin","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"137","published-online":{"date-parts":[[2024,5,22]]},"reference":[{"key":"3826_CR1","doi-asserted-by":"publisher","first-page":"157727","DOI":"10.1109\/ACCESS.2021.3129336","volume":"9","author":"M. Ozkan-Okay","year":"2021","unstructured":"Ozkan-Okay, M., Samet, R., Aslan, \u00d6., and Gupta, D., A comprehensive systematic literature review on intrusion detection systems, IEEE Access, 2021, vol. 9, pp.\u00a0157727\u2013157760. https:\/\/doi.org\/10.1109\/ACCESS.2021.3129336","journal-title":"IEEE Access"},{"key":"3826_CR2","doi-asserted-by":"publisher","unstructured":"Santos, L., Rabadao, C., and Gon\u00e7alves, R., Intrusion detection systems in Internet of Things: A literature review, Proc. of 13th Iberian Conference on Information Systems and Technologies (CISTI), Caceres, Spain, 2018, pp. 1\u20137. https:\/\/doi.org\/10.23919\/CISTI.2018.8399291","DOI":"10.23919\/CISTI.2018.8399291"},{"key":"3826_CR3","doi-asserted-by":"publisher","first-page":"366","DOI":"10.1145\/267580.267590","volume":"29","author":"H. Zhu","year":"1997","unstructured":"Zhu, H., Hall, P. A. V., and May, J. H. R., Software unit test coverage and adequacy, ACM Computing Surveys, 1997, vol. 29, no. 4, pp. 366\u2013427. https:\/\/doi.org\/10.1145\/267580.267590","journal-title":"ACM Computing Surveys"},{"key":"3826_CR4","volume-title":"Fuzzing: Brute Force Vulnerability Discovery","author":"M. Sutton","year":"2007","unstructured":"Sutton, M., Greene, A., and Amini, P., Fuzzing: Brute Force Vulnerability Discovery, Boston: Addison-Wesley, 2007."},{"key":"3826_CR5","doi-asserted-by":"publisher","unstructured":"Newsome, J., and Song, D., Dynamic taint analysis for Automatic detection, analysis, and signature generation of exploits on commodity software, Proc. of Network and Distributed System Security Simposium, 2005. https:\/\/doi.org\/10.1184\/R1\/6468716.v1","DOI":"10.1184\/R1\/6468716.v1"},{"key":"3826_CR6","doi-asserted-by":"publisher","unstructured":"Schwartz, E. J., Avgerinos, T., and Brumley, D., All you ever wanted to know about dynamic taint analysis and forward symbolic execution (but might have been afraid to ask), Proc. of IEEE Symposium on Security and Privacy, 2010, pp. 317\u2013331. https:\/\/doi.org\/10.1109\/SP.2010.26","DOI":"10.1109\/SP.2010.26"},{"key":"3826_CR7","doi-asserted-by":"publisher","unstructured":"Wang, T., Wei, T., Gu, G., and Zou, W., TaintScope: a checksum-aware directed fuzzing tool for automatic software vulnerability detection, Proc. of IEEE Symposium on Security and Privacy, 2010, pp. 497\u2013512. https:\/\/doi.org\/10.1109\/SP.2010.37","DOI":"10.1109\/SP.2010.37"},{"key":"3826_CR8","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1145\/96267.96279","volume":"33","author":"B. P. Miller","year":"1990","unstructured":"Miller, B. P., Fredriksen, L., and So, B., An empirical study of the reliability of UNIX utilities, Communications of the ACM, 1990, vol. 33, no. 12, pp. 32\u201344. https:\/\/doi.org\/10.1145\/96267.96279","journal-title":"Communications of the ACM"},{"key":"3826_CR9","unstructured":"The Cyber Grand Challenge. https:\/\/blogs.grammatech.com\/the-cyber-grand-challenge. Accessed June 13, 2023."},{"key":"3826_CR10","doi-asserted-by":"publisher","unstructured":"Stephens, N., Grosen, J., Salls, C., Dutcher, A., Wang, R., Corbetta, J., Shoshitaishvili, Y., Kr\u00fcgel, C., and Vigna, G., Driller: Augmenting fuzzing through selective symbolic execution, Proc. of Network and Distributed System Security Symposium, 2016. https:\/\/doi.org\/10.14722\/NDSS.2016.23368","DOI":"10.14722\/NDSS.2016.23368"},{"key":"3826_CR11","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/MSP.2018.1870859","volume":"16","author":"P. Goodman","year":"2018","unstructured":"Goodman, P. and Dinaburg, A., The past, present, and future of Cyberdyne, IEEE Security & Privacy, 2018, vol. 16, no. 2, pp. 61-69. https:\/\/doi.org\/10.1109\/MSP.2018.1870859","journal-title":"IEEE Security & Privacy"},{"key":"3826_CR12","unstructured":"Cisco Secure Development Lifecycle. https:\/\/www.cisco.com\/c\/en\/us\/about\/trust-center\/technology-built-in-security.html#~trustworthysolutionsfeatures. Accessed June 13, 2023."},{"key":"3826_CR13","unstructured":"Chromium Security. URL: https:\/\/www.chromium.org\/Home\/chromium-security\/bugs\/ (\u0434oc\u0442y\u043f 13.06.2023)"},{"key":"3826_CR14","unstructured":"Clusterfuzz. Chrome Fuzzing Infrastructure. https:\/\/code.google.com\/archive\/p\/clusterfuzz\/. Accessed June 13, 2023."},{"key":"3826_CR15","unstructured":"Aizatsky, M., Serebryany, K., Chang, O., Arya, A., and Whittaker, M., Announcing OSS-Fuzz: Continuous fuzzing for open source software. Google Open Source Blog, 2016. \nhttps:\/\/opensource.googleblog.com\/2016\/12\/announcing-oss-fuzz-continuous-fuzzing.html. Accessed June 13, 2023."},{"key":"3826_CR16","unstructured":"Microsoft Security Development Lifecycle. \nhttps:\/\/www.microsoft.com\/en-us\/securityengineering\/sdl\/practices. Accessed June 13, 2023."},{"key":"3826_CR17","doi-asserted-by":"publisher","unstructured":"Bounimova, E., Godefroid, P., and Molnar, D., Billions and billions of constraints: Whitebox fuzz testing in production, Proc. of 35th International Conference on Software Engineering (ICSE), San Francisco, USA, 2013, pp. 122\u2013131. https:\/\/doi.org\/10.1109\/ICSE.2013.6606558","DOI":"10.1109\/ICSE.2013.6606558"},{"key":"3826_CR18","unstructured":"Fuzzing Survey. https:\/\/fuzzing-survey.org\/. Accessed June 15, 2023."},{"key":"3826_CR19","volume-title":"Open Source Fuzzing Tools","author":"N. Rathaus","year":"2007","unstructured":"Rathaus, N. and Evron, G., Open Source Fuzzing Tools, Oxford: Syngress, 2007."},{"key":"3826_CR20","volume-title":"Fuzzing for Software Security Testing and Quality Assurance","author":"A. Takanen","year":"2018","unstructured":"Takanen, A., DeMott, J. D., Miller, C., and Kettunen, A., Fuzzing for Software Security Testing and Quality Assurance, Norwood: Artech House, 2018. 2nd ed."},{"key":"3826_CR21","doi-asserted-by":"publisher","unstructured":"Li, J., Zhao, B., and Zhang, C., Fuzzing: a Survey, Cybersecurity, 2018, no. 1. https:\/\/doi.org\/10.1186\/s42400-018-0002-y","DOI":"10.1186\/s42400-018-0002-y"},{"key":"3826_CR22","doi-asserted-by":"publisher","first-page":"118","DOI":"10.1016\/j.cose.2018.02.002","volume":"75","author":"C. Chen","year":"2018","unstructured":"Chen, C., Cui, B., Ma, J., Wu, R., Guo, J., and Liu, W., A systematic review of fuzzing techniques, Computers & Security, 2018, vol. 75, pp. 118\u2013137. https:\/\/doi.org\/10.1016\/j.cose.2018.02.002","journal-title":"Computers & Security"},{"key":"3826_CR23","doi-asserted-by":"publisher","first-page":"2312","DOI":"10.1109\/TSE.2019.2946563","volume":"47","author":"V. J. M. Manes","year":"2021","unstructured":"Manes, V. J. M., Han, H., Han, C., Cha, S. K., Egele, M., Schwartz, E. J., and Woo, M., The art, science, and engineering of fuzzing: A survey, IEEE Transactions on Software Engineering, 2021, vol. 47, no. 11, pp. 2312\u20132331. http:\/\/arxiv.org\/abs\/1812.00140. https:\/\/doi.org\/10.1109\/TSE.2019.2946563","journal-title":"IEEE Transactions on Software Engineering"},{"key":"3826_CR24","doi-asserted-by":"publisher","first-page":"1199","DOI":"10.1109\/TR.2018.2834476","volume":"67","author":"H. Liang","year":"2018","unstructured":"Liang, H., Pei, X., Jia, X., Shen, W., and Zhang, J., Fuzzing: state of the art, IEEE Transactions on Reliability, 2018, vol. 67, no. 3, pp. 1199\u20131218. https:\/\/doi.org\/10.1109\/TR.2018.2834476","journal-title":"IEEE Transactions on Reliability"},{"key":"3826_CR25","doi-asserted-by":"crossref","unstructured":"Vishnyakov, A. V., Error detection in the binary code by methods of dynamic symbolic execution, Cand. Sci. (Phys. Math.) Dissertation, Moscow: ISP RAS, 2022.","DOI":"10.15514\/ISPRAS-2022-34(2)-3"},{"key":"3826_CR26","doi-asserted-by":"publisher","unstructured":"Fioraldi, A., Maier, D. C., Zhang, D., and Balzarotti, D., LibAFL: a framework to build modular and reusable fuzzers, Proc of ACM SIGSAC Conference on Computer and Communication Security, 2022, pp. 1051\u20131065. https:\/\/doi.org\/10.1145\/3548606.3560602","DOI":"10.1145\/3548606.3560602"},{"key":"3826_CR27","doi-asserted-by":"publisher","first-page":"190","DOI":"10.1145\/1064978.1065034","volume":"40","author":"C.-K. Luk","year":"2005","unstructured":"Luk, C.-K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V. J., and Hazelwood, K., Pin: building customized program analysis tools with dynamic instrumentation, ACM SIGPLAN Notices, 2005, vol. 40, no. 6, pp. 190\u2013200. https:\/\/doi.org\/10.1145\/1064978.1065034","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR28","doi-asserted-by":"publisher","unstructured":"Bellard, F., QEMU, a fast and portable dynamic translator, Proc. of ATEC\u201905, USENIX Annual Technical Conference, 2005, pp. 41-46. https:\/\/doi.org\/10.5555\/1247360.1247401","DOI":"10.5555\/1247360.1247401"},{"key":"3826_CR29","unstructured":"Dyninst. https:\/\/dyninst.org\/dyninst. Accessed December 5, 2023."},{"key":"3826_CR30","unstructured":"Dyninst GitHub. https:\/\/github.com\/dyninst\/dyninst. Accessed December 5, 2023."},{"key":"3826_CR31","unstructured":"Bruening, D. L., Efficient, transparent, and comprehensive runtime code manipulation, Ph.D. Thesis, Boston: Massachusetts Institute of Technology, 2004."},{"key":"3826_CR32","unstructured":"DynamoRIO. https:\/\/github.com\/DynamoRIO\/dynamorio. Accessed December 5, 2023."},{"key":"3826_CR33","unstructured":"Zalewski, M., American Fuzzy Lop. \nhttps:\/\/github.com\/mirrorer\/afl. Accessed June 14, 2023."},{"key":"3826_CR34","unstructured":"AFL, supported by Google. https:\/\/github.com\/google\/AFL. Accessed June 19, 2023."},{"key":"3826_CR35","unstructured":"Oleksiuk, D., IOCTL Fuzzer. \nhttps:\/\/github.com\/Cr4sh\/ioctlfuzzer. Accessed June 14, 2023."},{"key":"3826_CR36","doi-asserted-by":"publisher","unstructured":"Chen, J., Diao, W., Zhao, Q., Zuo, C., Lin, Z., Wang, X., Lau, W. C., Sun, M., Yang, R., and Zhang, K., IoTFuzzer: discovering memory corruptions in IoT through app-based fuzzing, Proc. of the Network and Distributed System Security Symposium, 2018. https:\/\/doi.org\/10.14722\/ndss.2018.23159","DOI":"10.14722\/ndss.2018.23159"},{"key":"3826_CR37","doi-asserted-by":"publisher","unstructured":"Babi\u0107, D., Bucur, S., Chen, Y., Ivan\u010di\u0107, F., King, T., Kusano, M., Lemieux, C., Szekeres, L., and Wang, W., FUDGE: fuzz driver generation at scale, Proc. of 27th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, 2019, pp. 975\u2013985. https:\/\/doi.org\/10.1145\/3338906.3340456","DOI":"10.1145\/3338906.3340456"},{"key":"3826_CR38","doi-asserted-by":"publisher","unstructured":"Ispoglou, K. K., Austin, D., Mohan, V., and Payer, M., FuzzGen: automatic fuzzer generation, Proc. of 29th USENIX Security Symposium, 2020, pp. 2271\u20132287. https:\/\/doi.org\/10.5555\/3489212.3489340","DOI":"10.5555\/3489212.3489340"},{"key":"3826_CR39","doi-asserted-by":"publisher","unstructured":"Zhang, M., Liu, J., Ma, F., Zhang, H., and Jiang, Y., IntelliGen: automatic driver synthesis for fuzz testing, Proc. of IEEE\/ACM 43rd International Conference on Software Engineering: Software Engineering in Practice, 2021, pp. 318\u2013327. https:\/\/arxiv.org\/abs\/2103.00862. https:\/\/doi.org\/10.1109\/ICSE-SEIP52600.2021.00041","DOI":"10.1109\/ICSE-SEIP52600.2021.00041"},{"key":"3826_CR40","unstructured":"GRR. https:\/\/github.com\/lifting-bits\/grr. Accessed June 14, 2023."},{"key":"3826_CR41","unstructured":"LibFuzzer \u2013 a Library for Coverage-guided Fuzz Testing. https:\/\/llvm.org\/docs\/LibFuzzer.html. Accessed June 14, 2023."},{"key":"3826_CR42","unstructured":"Swiecki, R., and Gr\u00f6bert, F., Honggfuzz. \nhttps:\/\/github.com\/google\/honggfuzz. Accessed June 16, 2023."},{"key":"3826_CR43","doi-asserted-by":"publisher","unstructured":"Sen, K., Effective random testing of concurrent programs, Proc. of 22th IEEE\/ACM International Conference on Automated Software Engineering, 2007, pp. 323\u2013332. https:\/\/doi.org\/10.1145\/1321631.1321679","DOI":"10.1145\/1321631.1321679"},{"key":"3826_CR44","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1145\/1543135.1542489","volume":"44","author":"P. Joshi","year":"2009","unstructured":"Joshi, P., Park, C.-S., Sen, K., and Naik, M., A randomized dynamic program analysis technique for detecting real deadlocks, ACM SIGPLAN Notices, 2009, vol. 44, no. 6, pp. 110\u2013120. https:\/\/doi.org\/10.1145\/1543135.1542489","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR45","doi-asserted-by":"publisher","unstructured":"Lai, Z., Cheung, S., and Chan, W., Detecting atomic-set serializability violations in multithreaded programs through active randomized testing, Proc. of 32nd ACM\/IEEE International Conference on Software Engineering, 2010, vol. 1, pp. 235\u2013244. https:\/\/doi.org\/10.1145\/1806799.1806836","DOI":"10.1145\/1806799.1806836"},{"key":"3826_CR46","doi-asserted-by":"publisher","unstructured":"Cai, Y. and Chan, W. K., MagicFuzzer: Scalable deadlock detection for large-scale applications, Proc. of 34th International Conference on Software Engineering (ICSE), Zurich, Switzerland, 2012, pp. 606\u2013616. https:\/\/doi.org\/10.1109\/ICSE.2012.6227156","DOI":"10.1109\/ICSE.2012.6227156"},{"key":"3826_CR47","doi-asserted-by":"publisher","unstructured":"Samak, M., Ramanathan, M. K., and Jagannathan, S., Synthesizing racy tests, Proc. of 36th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2015, pp. 175\u2013185. https:\/\/doi.org\/10.1145\/2737924.2737998","DOI":"10.1145\/2737924.2737998"},{"key":"3826_CR48","doi-asserted-by":"publisher","unstructured":"Ganesh, V., Leek, T., and Rinard, M., Taint-based directed whitebox fuzzing, Proc. of 31st International Conference on Software Engineering (ICSE\u201909), 2009, pp. 474\u2013484. https:\/\/doi.org\/10.1109\/ICSE.2009.5070546","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"3826_CR49","doi-asserted-by":"publisher","unstructured":"Haller, I., Slowinska, A., Neugschwandtner, M., and Bos, H., Dowsing for overflows: a guided fuzzer to find buffer boundary violations, Proc. of 22nd USENIX Security Symposium, 2013, pp. 49\u201364. https:\/\/doi.org\/10.5555\/2534766.2534772","DOI":"10.5555\/2534766.2534772"},{"key":"3826_CR50","doi-asserted-by":"publisher","unstructured":"Ma, L., Artho, C., Zhang, C., Sato, H., Gmeiner, J., and Ramler, R., GRT: Program-analysis-guided random testing, Proc. of 30th IEEE\/ACM International Conference on Automated Software Engineering, 2015, pp. 212\u2013223. https:\/\/doi.org\/10.1109\/ASE.2015.49","DOI":"10.1109\/ASE.2015.49"},{"key":"3826_CR51","doi-asserted-by":"publisher","unstructured":"Rawat, S., Jain, V., Kumar, A., Cojocar, L., Giuffrida, C., and Bos, H., VUzzer: Application-aware evolutionary fuzzing, Proc. of Network and Distributed System Security Symposium, 2017. https:\/\/doi.org\/10.14722\/NDSS.2017.23404","DOI":"10.14722\/NDSS.2017.23404"},{"key":"3826_CR52","doi-asserted-by":"publisher","unstructured":"Peng, H., Shoshitaishvili, Y., and Payer, M., T-Fuzz: Fuzzing by program transformation, Proc. of IEEE Symposium on Security and Privacy, 2018, pp. 697\u2013710. https:\/\/doi.org\/10.1109\/SP.2018.00056","DOI":"10.1109\/SP.2018.00056"},{"key":"3826_CR53","unstructured":"FFmpeg Repository. http:\/\/samples.ffmpeg.org\/. Accessed June 16, 2023."},{"key":"3826_CR54","unstructured":"CERT BFF. https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetID=507974. Accessed June 15, 2023."},{"key":"3826_CR55","doi-asserted-by":"publisher","unstructured":"Householder, A. D. and Foote, J., Probability-based parameter selection for black-box fuzz testing, SEI Technical Note, CMU\/SEI-2012-TN-019, 2012. https:\/\/doi.org\/10.21236\/ada610472","DOI":"10.21236\/ada610472"},{"key":"3826_CR56","doi-asserted-by":"publisher","unstructured":"Woo, M., Cha, S. K., Gottlieb, S., and Brumley, D., Scheduling black-box mutational fuzzing, Proc. of ACM SIGSAC Conference on Computer & Communications Security (CCS '13), 2013, pp. 511\u2013522. https:\/\/doi.org\/10.1145\/2508859.2516736","DOI":"10.1145\/2508859.2516736"},{"key":"3826_CR57","doi-asserted-by":"publisher","unstructured":"B\u00f6hme, M., Pham, V.-T., and Roychoudhury, A., Coverage-based greybox fuzzing as Markov chain, Proc. of ACM SIGSAC Conference on Computer and Communications Security (CCS '16), 2016, pp. 1032\u20131043. https:\/\/doi.org\/10.1145\/2976749.2978428","DOI":"10.1145\/2976749.2978428"},{"key":"3826_CR58","unstructured":"Syzkaller \u2013 kernel fuzzer. https:\/\/github.com\/google\/syzkaller. Accessed June 15, 2023."},{"key":"3826_CR59","unstructured":"Vyukov, D., go-fuzz. https:\/\/github.com\/dvyukov\/go-fuzz. Accessed June 19, 2023."},{"key":"3826_CR60","doi-asserted-by":"publisher","unstructured":"Li, Y., Chen, B., Chandramohan, M., Lin, S.-W., Liu, Y., and Tiu, A., Steelix: Program-state based binary fuzzing, Proc. of 11th Joint Meeting on Foundations of Software Engineering, 2017, pp. 627\u2013637. https:\/\/doi.org\/10.1145\/3106237.3106295","DOI":"10.1145\/3106237.3106295"},{"key":"3826_CR61","doi-asserted-by":"publisher","unstructured":"Chen, P. and Chen, H., Angora: Efficient fuzzing by principled search, Proc. of IEEE Symposium on Security and Privacy, 2018, pp. 711\u2013725. https:\/\/doi.org\/10.1109\/SP.2018.00046","DOI":"10.1109\/SP.2018.00046"},{"key":"3826_CR62","doi-asserted-by":"publisher","unstructured":"B\u00f6hme, M., Pham, V.-T., Nguyen, M.-D., and Roychoudhury, A., Directed greybox fuzzing, Proc. of ACM SIGSAC Conference on Computer and Communications Security (CCS '17), 2017, pp. 2329\u20132344. https:\/\/doi.org\/10.1145\/3133956.3134020","DOI":"10.1145\/3133956.3134020"},{"key":"3826_CR63","doi-asserted-by":"publisher","unstructured":"Wang, S., Nam, J., and Tan, L., QTEP: Quality-aware test case prioritization, Proc. of 11th Joint Meeting on Foundations of Software Engineering (ESEC\/FSE 2017), 2017, pp. 523\u2013534. https:\/\/doi.org\/10.1145\/3106237.3106258","DOI":"10.1145\/3106237.3106258"},{"key":"3826_CR64","unstructured":"Eddington, M., Peach Fuzzer. https:\/\/peachtech.gitlab.io\/peach-fuzzer-community\/. Accessed June 13, 2023."},{"key":"3826_CR65","doi-asserted-by":"publisher","unstructured":"Aschermann, C., Frassetto, T., Holz, T., Jauernig, P., Sadeghi, A., and Teuchert, D., NAUTILUS: Fishing for deep bugs with grammars, Proc. of Network and Distributed System Security Symposium, 2019. https:\/\/doi.org\/10.14722\/ndss.2019.23412","DOI":"10.14722\/ndss.2019.23412"},{"key":"3826_CR66","unstructured":"Bradshaw, S., Fuzzer Automation with SPIKE. https:\/\/resources.infosecinstitute.com\/topic\/fuzzer-automation-with-spike\/. Accessed June 13, 2023."},{"key":"3826_CR67","unstructured":"SPIKE Protocol Fuzzer Creation Kit. \nhttps:\/\/github.com\/guilhermeferreira\/spikepp. Accessed June 13, 2023."},{"key":"3826_CR68","unstructured":"Amini, P., Portnoy, A., and Sears, R., Sulley. \nhttps:\/\/github.com\/OpenRCE\/sulley. Accessed June 15, 2023."},{"key":"3826_CR69","series-title":"Software security assessment through specification mutations and fault injection","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-35413-2_16","volume-title":"Communications and Multimedia Security Issues of the New Century, IFIP \u2014 The International Federation for Information Processing","author":"R. Kaksonen","year":"2001","unstructured":"Kaksonen, R., Laakso, M., and Takanen, A., Software security assessment through specification mutations and fault injection, in Steinmetz, R., \n               Dittman, J., and \n               Steinebach, M. \n               (eds), \n               Communications and Multimedia Security Issues of the New Century, IFIP \u2014 The International Federation for Information Processing, Springer, 2001, vol 64, pp. 173\u2013183. https:\/\/doi.org\/10.1007\/978-0-387-35413-2_16"},{"key":"3826_CR70","series-title":"SNOOZE: Toward a stateful NetwOrk protocol fuzzer","doi-asserted-by":"publisher","DOI":"10.1007\/11836810_25","volume-title":"Information Security, ISC 2006.","author":"G. Banks","year":"2006","unstructured":"Banks, G., Cova, M., Felmetsger, V., Almeroth, K., Kemmerer, R., and Vigna, G., SNOOZE: Toward a stateful NetwOrk protocol fuzzer, in Katsikas, S. K., \n               L\u00f3pez, J., \n               Backes, M., \n               Gritzalis, S., and \n               Preneel, B. \n               (eds), \n               Information Security, ISC 2006. \n               Lecture Notes in Computer Science, Springer, 2006, vol. 4176, pp. 343\u2013358. https:\/\/doi.org\/10.1007\/11836810_25"},{"key":"3826_CR71","doi-asserted-by":"publisher","DOI":"10.1145\/1326304.1326313","volume-title":"KiF: A stateful SIP fuzzer","author":"H. J. Abdelnur","year":"2007","unstructured":"Abdelnur, H. J., State, R., and Festor, O., KiF: A stateful SIP fuzzer, Principles, Systems and Applications of IP Telecommunications, 2007. https:\/\/doi.org\/10.1145\/1326304.1326313"},{"key":"3826_CR72","doi-asserted-by":"publisher","unstructured":"Johansson, W., Svensson, M., Larson, U. E., Almgren, M., and Gulisano, V., T-Fuzz: Model-based fuzzing for robustness testing of telecommunication protocols, Proc. of IEEE 7th International Conference on Software Testing, Verification and Validation, 2014, pp. 323\u2013332. https:\/\/doi.org\/10.1109\/ICST.2014.45","DOI":"10.1109\/ICST.2014.45"},{"key":"3826_CR73","unstructured":"Trinity: Linux System Call Fuzzer. \nhttps:\/\/github.com\/kernelslacker\/trinity. Accessed June 13, 2023."},{"key":"3826_CR74","unstructured":"KernelFuzzer. https:\/\/github.com\/FSecureLABS\/KernelFuzzer. Accessed June 15, 2023."},{"key":"3826_CR75","doi-asserted-by":"publisher","unstructured":"Godefroid, P., Kiezun, A., and Levin, M. Y., Grammar-based whitebox fuzzing, Proc. of 29th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2008, pp. 206\u2013215. https:\/\/doi.org\/10.1145\/1375581.1375607","DOI":"10.1145\/1375581.1375607"},{"key":"3826_CR76","doi-asserted-by":"publisher","unstructured":"Pham, V.-T., B\u00f6hme, M., and Roychoudhury, A., Model-based whitebox fuzzing for program binaries, Proc. of 31st IEEE\/ACM International Conference on Automated Software Engineering, 2016, pp. 543\u2013553. https:\/\/doi.org\/10.1145\/2970276.2970316","DOI":"10.1145\/2970276.2970316"},{"key":"3826_CR77","doi-asserted-by":"publisher","unstructured":"Kim, S. Y., Lee, S., Yun, I., Xu, W., Lee, B., Yun, Y., and Kim, T., CAB-Fuzz: Practical concolic testing techniques for COTS operating systems, Proc. of USENIX Annual Technical Conference, 2017, pp. 689\u2013701. https:\/\/doi.org\/10.5555\/3154690.3154755","DOI":"10.5555\/3154690.3154755"},{"key":"3826_CR78","unstructured":"DOMFuzz. https:\/\/github.com\/MozillaSecurity\/domfuzz. Accessed June 16, 2023."},{"key":"3826_CR79","unstructured":"Jzfunfuzz. https:\/\/github.com\/MozillaSecurity\/funfuzz. Accessed June 16, 2023."},{"key":"3826_CR80","doi-asserted-by":"publisher","unstructured":"Brubaker, C., Jana, S., Ray, B., Khurshid, S., Shmatikov, V., Using Frankencerts for automated adversarial testing of certificate validation in SSL\/TLS implementations, Proc. of IEEE Symposium on Security and Privacy, 2014, pp. 114\u2013129. https:\/\/doi.org\/10.1109\/SP.2014.15","DOI":"10.1109\/SP.2014.15"},{"key":"3826_CR81","unstructured":"Kario, H., Tlfuzzer. https:\/\/github.com\/tlsfuzzer\/tlsfuzzer. Accessed June 16, 2023."},{"key":"3826_CR82","doi-asserted-by":"publisher","unstructured":"Somorovsky, J., Systematic fuzzing and testing of TLS libraries, Proc. of ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 1492\u20131504. https:\/\/doi.org\/10.1145\/2976749.2978411","DOI":"10.1145\/2976749.2978411"},{"key":"3826_CR83","doi-asserted-by":"publisher","unstructured":"Wang, J., Chen, B., Wei, L., and Liu, Y., Skyfire: Data-driven seed generation for fuzzing, Proc. of the IEEE Symposium on Security and Privacy, 2017, pp. 579\u2013594. https:\/\/doi.org\/10.1109\/SP.2017.23","DOI":"10.1109\/SP.2017.23"},{"key":"3826_CR84","doi-asserted-by":"publisher","unstructured":"Della Toffola, L., Staicu, C. A., and Pradel, M., Saying \u2018hi!\u2019 is not enough: Mining inputs for effective test generation, Proc. of 32nd IEEE\/ACM International Conference on Automated Software Engineering, 2017, pp. 44\u201349. https:\/\/doi.org\/10.5555\/3155562.3155572","DOI":"10.5555\/3155562.3155572"},{"key":"3826_CR85","doi-asserted-by":"publisher","unstructured":"Han, H., Oh, D., and Cha, S. K., CodeAlchemist: Semantics-aware code generation to find vulnerabilities in Javascript engines, Proc. of Network and Distributed System Security Symposium, 2019. https:\/\/doi.org\/10.14722\/ndss.2019.23263","DOI":"10.14722\/ndss.2019.23263"},{"key":"3826_CR86","doi-asserted-by":"publisher","unstructured":"Han, H. and Cha, S. K., IMF: Inferred model-based fuzzer, Proc. of ACM SIGSAC Conference on Computer and Communications Security, 2017, pp. 2345\u20132358. https:\/\/doi.org\/10.1145\/3133956.3134103","DOI":"10.1145\/3133956.3134103"},{"key":"3826_CR87","doi-asserted-by":"publisher","unstructured":"Godefroid, P., Peleg, H., and Singh, R., Learn&Fuzz: Machine learning for input fuzzing, Proc. of 32nd IEEE\/ACM International Conference on Automated Software Engineering, 2017, pp. 50\u201359. https:\/\/arxiv.org\/abs\/1701.07232. https:\/\/doi.org\/10.48550\/arXiv.1701.07232","DOI":"10.48550\/arXiv.1701.07232"},{"key":"3826_CR88","doi-asserted-by":"publisher","unstructured":"Liu, P., Zhang, X., Pistoia, M., Zheng, Y., Marques, M., and Zeng, L., Automatic text input generation for mobile testing, Proc. of IEEE\/ACM 39th International Conference on Software Engineering (ICSE), 2017, pp.\u00a0643\u2013653. https:\/\/doi.org\/10.1109\/ICSE.2017.65","DOI":"10.1109\/ICSE.2017.65"},{"key":"3826_CR89","doi-asserted-by":"publisher","unstructured":"H\u00f6schele, M. and Zeller, A., Mining input grammars from dynamic taints, Proc. of 31st IEEE\/ACM International Conference on Automated Software Engineering (ASE), 2016, pp. 720-725. https:\/\/doi.org\/10.1145\/2970276.2970321","DOI":"10.1145\/2970276.2970321"},{"key":"3826_CR90","doi-asserted-by":"publisher","unstructured":"Bastani, O., Sharma, R., Aiken, A., and Liang, P., Synthesizing program input grammars, Proc. of 38th ACM SIGPLAN Conference on Programming Language Design and Implementation, 2017, pp. 95-110. https:\/\/arxiv.org\/abs\/1608.01723. https:\/\/doi.org\/10.1145\/3062341.3062349","DOI":"10.1145\/3062341.3062349"},{"key":"3826_CR91","doi-asserted-by":"publisher","unstructured":"Doup\u00e9, A., Cavedon, L., Kruegel, C., and Vigna, G., Enemy of the state: A state-aware black-box web vulnerability scanner, Proc. of 21st USENIX Security Symposium, 2012, pp. 523\u2013538. https:\/\/doi.org\/10.5555\/2362793.2362819","DOI":"10.5555\/2362793.2362819"},{"key":"3826_CR92","doi-asserted-by":"publisher","unstructured":"Gascon, H., Wressnegger, C., Yamaguchi, F., Arp, D., and Rieck, K., PULSAR: Stateful black-box fuzzing of proprietary network protocols, Proc. of International Conference on Security and Privacy in Communication Systems, 2015, pp. 330\u2013347. https:\/\/doi.org\/10.1007\/978-3-319-28865-9_18","DOI":"10.1007\/978-3-319-28865-9_18"},{"key":"3826_CR93","unstructured":"Helin, A., Radamsa. https:\/\/gitlab.com\/akihe\/radamsa. Accessed June 16, 2023."},{"key":"3826_CR94","unstructured":"Hocevar, S., Zzuf. https:\/\/github.com\/samhocevar\/zzuf. Accessed June 16, 2023."},{"key":"3826_CR95","doi-asserted-by":"publisher","unstructured":"Cha, S. K., Woo, M., and Brumley, D., Program-adaptive mutational fuzzing, Proc. of IEEE Symposium on Security and Privacy, 2015, pp. 725\u2013741. https:\/\/doi.org\/10.1109\/SP.2015.50","DOI":"10.1109\/SP.2015.50"},{"key":"3826_CR96","doi-asserted-by":"publisher","unstructured":"Karg\u00e9n, U. and Shahmehri, N., Turning programs against each other: High coverage fuzz testing using binary-code mutation and dynamic slicing, Proc. of 10th Joint Meeting on Foundations of Software Engineering (ESEC\/FSE 2015), 2015, pp. 782\u2013792. https:\/\/doi.org\/10.1145\/2786805.2786844","DOI":"10.1145\/2786805.2786844"},{"key":"3826_CR97","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1145\/1995376.1995394","volume":"54","author":"L. D. Moura","year":"2011","unstructured":"Moura, L. D. and Bj\u00f8rner, N., Satisfiability modulo theories: Introduction and applications, Communications of the ACM, 2011, vol. 54, no. 9, pp. 69\u201377. https:\/\/doi.org\/10.1145\/1995376.1995394","journal-title":"Communications of the ACM"},{"key":"3826_CR98","doi-asserted-by":"publisher","unstructured":"Gan, S., Zhang, C., Qin, X., Tu, X., Li, K., Pei, Z., and Chen, Z., CollAFL: Path sensitive fuzzing, Proc. of IEEE Symposium on Security and Privacy, 2018, pp.\u00a0679\u2013696. https:\/\/doi.org\/10.1109\/SP.2018.00040","DOI":"10.1109\/SP.2018.00040"},{"key":"3826_CR99","doi-asserted-by":"publisher","first-page":"131166","DOI":"10.1109\/ACCESS.2021.3114202","volume":"9","author":"F. Rustamov","year":"2021","unstructured":"Rustamov, F., Kim, J., Yu, J., and Yun, J., Exploratory review of hybrid fuzzing for automated vulnerability detection, IEEE Access, 2021, vol. 9, pp. 131166-131190. https:\/\/doi.org\/10.1109\/ACCESS.2021.3114202","journal-title":"IEEE Access"},{"key":"3826_CR100","doi-asserted-by":"publisher","first-page":"263","DOI":"10.1145\/1095430.1081750","volume":"30","author":"K. Sen","year":"2005","unstructured":"Sen, K., Marinov, D., and Agha, G., CUTE: A concolic unit testing engine for C, ACM SIGSOFT Software Engineering Notes, 2005, vol. 30, no. 5, pp. 263-272. https:\/\/doi.org\/10.1145\/1095430.1081750","journal-title":"ACM SIGSOFT Software Engineering Notes"},{"key":"3826_CR101","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1145\/1064978.1065036","volume":"40","author":"P. Godefroid","year":"2005","unstructured":"Godefroid, P., Klarlund, N., and Sen, K., DART: Directed automated random testing, ACM SIGPLAN Notices, 2005, vol. 40, no. 6, pp. 213\u2013223. https:\/\/doi.org\/10.1145\/1064978.1065036","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR102","doi-asserted-by":"publisher","unstructured":"Cadar, C., Dunbar, D., and Engler, D., KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs, Proc. of the 8th USENIX conference on Operating System Design and Implementation, 2008, pp. 209\u2013224. https:\/\/doi.org\/10.5555\/1855741.1855756","DOI":"10.5555\/1855741.1855756"},{"key":"3826_CR103","unstructured":"Godefroid, P., Levin, M. Y., and Molnar, D. A., Automated whitebox fuzz testing, Proc. of Network and Distributed System Security Symposium, 2008, pp. 151\u2013166."},{"key":"3826_CR104","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1145\/2093548.2093564","volume":"55","author":"P. Godefroid","year":"2012","unstructured":"Godefroid, P., Levin, M. Y., and Molnar, D., SAGE: Whitebox fuzzing for security testing, Communications of ACM, 2012, vol. 55, no. 3, pp. 40\u201344. https:\/\/doi.org\/10.1145\/2093548.2093564","journal-title":"Communications of ACM"},{"key":"3826_CR105","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1145\/1961295.1950396","volume":"46","author":"V. Chipounov","year":"2011","unstructured":"Chipounov, V., Kuznetsov, V., and Candea, G., S2E: A platform for in-vivo multi-path analysis of software systems, ACM SIGARCH Computer Architecture News Notices, 2011, vol. 46, no. 3, pp. 265\u2013278. https:\/\/doi.org\/10.1145\/1961295.1950396","journal-title":"ACM SIGARCH Computer Architecture News Notices"},{"key":"3826_CR106","doi-asserted-by":"publisher","unstructured":"Cha, S. K., Avgerinos, T., Rebert, A., and Brumley, D., Unleashing Mayhem on binary code, Proc. of IEEE Symposium on Security and Privacy, 2012, pp. 380\u2013394. https:\/\/doi.org\/10.1109\/SP.2012.31","DOI":"10.1109\/SP.2012.31"},{"key":"3826_CR107","doi-asserted-by":"publisher","unstructured":"Neugschwandtner, M., Comparetti, P. M., Haller, I., and Bos, H., The BORG: Nanoprobing binaries for buffer overreads, Proc. of 5th ACM Conference on Data and Application Security and Privacy (CODASPY '15), 2015, pp. 87\u201397. https:\/\/doi.org\/10.1145\/2699026.2699098","DOI":"10.1145\/2699026.2699098"},{"key":"3826_CR108","doi-asserted-by":"publisher","unstructured":"Yun, I., Lee, S., Xu, M., Jang, Y., and Kim, T., QSYM: A practical concolic execution engine tailored for hybrid fuzzing, Proc. of 27th USENIX Security Symposium, 2018, pp. 745\u2013761. https:\/\/doi.org\/10.5555\/3277203.3277260","DOI":"10.5555\/3277203.3277260"},{"key":"3826_CR109","doi-asserted-by":"publisher","unstructured":"Sargsyan, S., Hakobyan, J., Mehrabyan, M., Mishechkin, M., Akozin, V., and Kurmangaleev, S., ISP-fuzzer: extendable fuzzing framework, Proc. of 2019 Ivannikov Memorial Workshop (IVMEM), 2019, pp. 68-71. https:\/\/doi.org\/10.1109\/IVMEM.2019.00017","DOI":"10.1109\/IVMEM.2019.00017"},{"key":"3826_CR110","unstructured":"Mishechkin, M. V., Akolzin, V. V., and Kurmanga-leev,\u00a0Sh. F., Architecture and functionality of the ISP Fuzzer tool, Ivannikov ISP RAS Open Conference, 2020."},{"key":"3826_CR111","doi-asserted-by":"publisher","unstructured":"Vishnyakov, A., Fedotov, A., Kuts, D., Novikov, A., Parygina, D., Kobrin, E., Logunova, V., Belecky, P., and Kurmangaleev, S., Sydr: Cutting edge dynamic symbolic execution, Ivannikov ISP RAS Open Conference (ISPRAS), 2020, pp. 46\u201354. https:\/\/doi.org\/10.1109\/ISPRAS51486.2020.00014","DOI":"10.1109\/ISPRAS51486.2020.00014"},{"key":"3826_CR112","doi-asserted-by":"publisher","unstructured":"Aschermann, C., Schumilo, S., Blazytko, T., Gawlik, R., and Holz, T., REDQUEEN: Fuzzing with input-to-state correspondence, Proc. of Network and Distributed System Security Symposium, 2019. https:\/\/doi.org\/10.14722\/ndss.2019.23371","DOI":"10.14722\/ndss.2019.23371"},{"key":"3826_CR113","doi-asserted-by":"publisher","DOI":"10.1109\/ISPRAS53967.2021.00012","volume-title":"Casr-Cluster: Crash clustering for Linux applications, 2021 Ivannikov ISPRAS Open Conference","author":"G. Savidov","year":"2021","unstructured":"Savidov, G., and Fedotov, A., Casr-Cluster: Crash clustering for Linux applications, 2021 Ivannikov ISPRAS Open Conference \n               (ISPRAS), 2021, pp. 47\u201351. https:\/\/doi.org\/10.1109\/ISPRAS53967.2021.00012"},{"key":"3826_CR114","unstructured":"CASR: Crash Analysis and Severity Report. \nhttps:\/\/github.com\/ispras\/casr. Accessed December 5, 2023."},{"key":"3826_CR115","doi-asserted-by":"publisher","unstructured":"Molnar, D., Li, X. C., and Wagner, D. A., Dynamic test generation to find integer bugs in x86 binary Linux programs, Proc. of 18th USENIX Security Symposium, 2009, pp. 67\u201382. https:\/\/doi.org\/10.5555\/1855768.1855773","DOI":"10.5555\/1855768.1855773"},{"key":"3826_CR116","doi-asserted-by":"publisher","unstructured":"Cui, W., Peinado, M., Cha, S. K., Fratantonio, Y., and Kemerlis, V. P., RETracer: Triaging crashes by reverse execution from partial memory dumps, Proc. of 38th International Conference on Software Engineering, 2016, pp. 820\u2013831. https:\/\/doi.org\/10.1145\/2884781.2884844","DOI":"10.1145\/2884781.2884844"},{"key":"3826_CR117","doi-asserted-by":"publisher","unstructured":"Regehr, J., Chen, Y., Cuoq, P., Eide, E., Ellison, C., and Yang, X., Test-case reduction for C compiler bugs, Proc. of ACM SIGPLAN Notices, 2012, vol. 47, no. 6, pp.\u00a0335\u2013346. https:\/\/doi.org\/10.1145\/2345156.2254104","DOI":"10.1145\/2345156.2254104"},{"key":"3826_CR118","unstructured":"Foote, J., GDB Exploitable Plugin. \nhttps:\/\/github.com\/jfoote\/exploitable. Accessed June 19, 2023."},{"key":"3826_CR119","doi-asserted-by":"publisher","unstructured":"Cadar, C., Ganesh, V., Pawlowski, P. M., Dill, D. L., and Engler, D., EXE: Automatically generating inputs of death, Proc. of 13th ACM Conference on Computer and Communications Security, 2006, pp 322\u2013335. https:\/\/doi.org\/10.1145\/1180405.1180445","DOI":"10.1145\/1180405.1180445"},{"key":"3826_CR120","unstructured":"KLEE Symbolic Virtual Machine. \nhttps:\/\/github.com\/klee\/klee."},{"key":"3826_CR121","doi-asserted-by":"publisher","unstructured":"Fioraldi, A., Maier, D., Ei\u00dffeldt, H., and Heuse, M., AFL++: Combining incremental steps of fuzzing research, Proc. of 14th USENIX Conference on Offensive Technologies (WOOT'20), USENIX Association, 2020. https:\/\/doi.org\/10.5555\/3488877.3488887","DOI":"10.5555\/3488877.3488887"},{"key":"3826_CR122","unstructured":"AFL++. https:\/\/github.com\/AFLplusplus\/AFLplusplus. Accessed December 5, 2023."},{"key":"3826_CR123","doi-asserted-by":"publisher","unstructured":"Schumilo, S., Aschermann, C., Gawlik, R., Schinzel, S., and Holz, T., kAFL: Hardware-assisted feedback fuzzing for OS kernels, Proc. of 26th USENIX Security Symposium, 2017, pp. 167\u2013182. https:\/\/doi.org\/10.5555\/3241189.3241204","DOI":"10.5555\/3241189.3241204"},{"key":"3826_CR124","unstructured":"Boofuzz. https:\/\/github.com\/jtpereyda\/boofuzz. Accessed June 19, 2023."},{"key":"3826_CR125","unstructured":"Defensics. https:\/\/www.synopsys.com\/software-integrity\/security-testing\/fuzz-testing.html. Accessed December 5, 2023."},{"key":"3826_CR126","doi-asserted-by":"publisher","unstructured":"Tsankov, P., Dashti, M. T., and Basin, D., SecFuzz: Fuzz-testing security protocols, Proc. of 7th International Workshop on Automation of Software Test (AST), 2012, pp. 1\u20137. https:\/\/doi.org\/10.1109\/IWAST.2012.6228985","DOI":"10.1109\/IWAST.2012.6228985"},{"key":"3826_CR127","doi-asserted-by":"publisher","first-page":"14745","DOI":"10.1007\/s11042-015-2763-6","volume":"75","author":"T. L. Munea","year":"2016","unstructured":"Munea, T. L., Lim, H., and Shon, T., Network protocol fuzz testing for information systems and applications: A survey and taxonomy, Multimedia Tools and Applications, 2016, vol. 75, pp. 14745\u201314757. https:\/\/doi.org\/10.1007\/s11042-015-2763-6","journal-title":"Multimedia Tools and Applications"},{"key":"3826_CR128","doi-asserted-by":"publisher","first-page":"283","DOI":"10.1145\/1993316.1993532","volume":"46","author":"X. Yang","year":"2011","unstructured":"Yang, X., Chen, Y., Eide, E., and Regehr, J., Finding and understanding bugs in C compilers, ACM SIGPLAN Notices, 2011, vol. 46, no. 6, pp. 283\u2013294. https:\/\/doi.org\/10.1145\/1993316.1993532","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR129","unstructured":"Csmith. https:\/\/github.com\/csmith-project\/csmith. Accessed June 20, 2023."},{"key":"3826_CR130","doi-asserted-by":"publisher","unstructured":"Holler, C., Herzig, K., and Zeller, A., Fuzzing with code fragments, Proc. of 21th USENIX Security Symposium, 2012, pp. 445\u2013458. https:\/\/doi.org\/10.5555\/2362793.2362831","DOI":"10.5555\/2362793.2362831"},{"key":"3826_CR131","doi-asserted-by":"publisher","unstructured":"Ma, H., A survey of modern compiler fuzzing, 2023. https:\/\/arxiv.org\/abs\/2306.06884. https:\/\/doi.org\/10.48550\/arXiv.2306.06884","DOI":"10.48550\/arXiv.2306.06884"},{"key":"3826_CR132","series-title":"VDF: Targeted evolutionary fuzz testing of virtual devices","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-66332-6_1","volume-title":"Research in Attacks, Intrusions, and Defenses (RAID 2017). LNCS","author":"A. Henderson","year":"2017","unstructured":"Henderson, A., Yin, H., Jin, G., Han, H., and Deng, H., VDF: Targeted evolutionary fuzz testing of virtual devices, in Dacier, M., \n               Bailey, M., \n               Polychronakis, M., and \n               Antonakakis, M. \n               (eds), \n               Research in Attacks, Intrusions, and Defenses (RAID 2017). LNCS, Springer, 2017, vol. 10453, pp. 3\u201325. https:\/\/doi.org\/10.1007\/978-3-319-66332-6_1"},{"key":"3826_CR133","doi-asserted-by":"publisher","first-page":"10390","DOI":"10.1109\/JIOT.2021.3056179","volume":"8","author":"M. Eceiza","year":"2021","unstructured":"Eceiza, M., Flores, J. L., and Iturbe, M., Fuzzing the Internet of Things: A review on the techniques and challenges for efficient vulnerability discovery in embedded systems, IEEE Internet of Things Journal, 2021, vol. 8, no. 13, pp. 10390\u201310411. https:\/\/doi.org\/10.1109\/JIOT.2021.3056179","journal-title":"IEEE Internet of Things Journal"},{"key":"3826_CR134","doi-asserted-by":"publisher","unstructured":"Eisele, M., Maugeri, M., Shriwas, R., Huth, C., and Bella, G., Embedded fuzzing: A review of challenges, tools, and solutions, Cybersecurity, 2022, vol. 5, no. 1. https:\/\/doi.org\/10.1186\/s42400-022-00123-y","DOI":"10.1186\/s42400-022-00123-y"},{"key":"3826_CR135","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3538644","volume":"55","author":"J. Yun","year":"2023","unstructured":"Yun, J., Rustamov, F., Kim, J., and Shin, Y., Fuzzing of embedded systems: A survey, ACM Computing Surveys, 2023, vol. 55, no. 7, pp. 1-33. https:\/\/doi.org\/10.1145\/3538644","journal-title":"ACM Computing Surveys"},{"key":"3826_CR136","unstructured":"Whitehouse, O., Introduction to Anti-fuzzing: A Defence in Depth Aid. http:\/\/research.nccgroup.com\/2014\/01\/02\/introduction-to-anti-fuzzing-a-defence-in-depth-aid. Accessed December 5, 2023."},{"key":"3826_CR137","unstructured":"Edholm, E. and G\u00f6ransson, D., Escaping the Fuzz \u2013 Evaluating Fuzzing Techniques and Fooling Them with Anti-Fuzzing, M.S. Thesis, Gothenburg: Chalmers University of Technology, 2016."},{"key":"3826_CR138","doi-asserted-by":"publisher","unstructured":"Collberg, C., Thomborson, C., and Low, D., Manufacturing cheap, resilient, and stealthy opaque constructs, Proc. of 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, 1998, pp.\u00a0184\u2013196. https:\/\/doi.org\/10.1145\/268946.268962","DOI":"10.1145\/268946.268962"},{"key":"3826_CR139","doi-asserted-by":"publisher","unstructured":"Junod, P., Rinaldini, J., Wehrli, J., and Michielin, J., Obfuscator-LLVM\u2014software protection for the masses, Proc. of 2015 IEEE\/ACM 1st International Workshop on Software Protection, 2015, pp. 3\u20139. https:\/\/doi.org\/10.1109\/SPRO.2015.10","DOI":"10.1109\/SPRO.2015.10"},{"key":"3826_CR140","doi-asserted-by":"publisher","unstructured":"Zhang, J., Li, Z., Liu, Y., Sun, Z., and Wang, Z., SAFTE: A Self-injection based anti-fuzzing technique, Computers and Electrical Enginerring, 2023, vol. 111, part B, 108980. https:\/\/doi.org\/10.1016\/j.compeleceng.2023.108980","DOI":"10.1016\/j.compeleceng.2023.108980"},{"key":"3826_CR141","series-title":"An anti-fuzzing approach for Android apps","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-42991-0_3","volume-title":"Digital Forensics 2023: Advances in Digital Forensics XIX, IFIP Advances in Information and communication Technology","author":"C. CC. Cheng","year":"2023","unstructured":"Cheng, C. CC., Lin, L., Shi, C., and Guan, Y., An anti-fuzzing approach for Android apps, in Peterson, G. \n               and \n               Shenoi, S. \n               (eds), \n               Digital Forensics 2023: Advances in Digital Forensics XIX, IFIP Advances in Information and communication Technology, Springer, 2023, vol. 687, pp. 37\u201353. https:\/\/doi.org\/10.1007\/978-3-031-42991-0_3"},{"key":"3826_CR142","series-title":"No-Fuzz: Efficient anti-fuzzing techniques","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-25538-0_38","volume-title":"Security and Privacy in Communication Networks 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","author":"Z. Zhou","year":"2023","unstructured":"Zhou, Z., Wang, C., and Zhao, Q., No-Fuzz: Efficient anti-fuzzing techniques, in: Li, F., \n               Liang, K., \n               Lin, Z., and \n               Katsikas, S. K. \n               (eds), \n               Security and Privacy in Communication Networks 2022. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Springer, 2023, vol. 462, pp.\u00a0731\u2013751. https:\/\/doi.org\/10.1007\/978-3-031-25538-0_38"},{"key":"3826_CR143","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1109\/OJCS.2023.3301883","volume":"4","author":"Z. Zhou","year":"2023","unstructured":"Zhou, Z. and Wang, C., Practical anti-fuzzing techniques with performance optimization, IEEE Open Journal of the Computer Society, 2023, vol. 4, pp. 206\u2013217. https:\/\/doi.org\/10.1109\/OJCS.2023.3301883","journal-title":"IEEE Open Journal of the Computer Society"},{"key":"3826_CR144","doi-asserted-by":"publisher","unstructured":"Jung, J., Hu, H., Solodukhin, D., Pagan, D., Lee, K. H., and Kim, T., FUZZIFICATION: Anti-fuzzing techniques, Proc. of 28th USENIX Conference on Security Symposium (SEC'19), 2019, pp. 1913\u20131930. https:\/\/doi.org\/10.5555\/3361338.3361471","DOI":"10.5555\/3361338.3361471"},{"key":"3826_CR145","doi-asserted-by":"publisher","unstructured":"G\u00fcler, E., Aschermann, C., Abbasi, A., and Holz, T., ANTIFUZZ: Impeding fuzzing audits of binary executables, Proc. of 28th USENIX Conference on Security Symposium (SEC'19), 2019, pp. 1931\u20131947. https:\/\/doi.org\/10.5555\/3361338.3361472","DOI":"10.5555\/3361338.3361472"},{"key":"3826_CR146","unstructured":"ANTIFUZZ. https:\/\/github.com\/RUB-SysSec\/antifuzz. Accessed December 5, 2023."},{"key":"3826_CR147","doi-asserted-by":"publisher","unstructured":"Li, Y., Meng, G., Xu, J., Zhang, C., Chen, H., Xie, X., Wang, H., and Liu, Y., Vall-nut: Principled anti-grey box \u2013 fuzzing, Proc. of IEEE 32nd International Symposium on Software Reliability Engineering, 2021, pp. 288\u2013299. https:\/\/doi.org\/10.1109\/ISSRE52982.2021.00039","DOI":"10.1109\/ISSRE52982.2021.00039"},{"key":"3826_CR148","unstructured":"Hu, Z., Hu, Y., and Dolan-Gavitt, B., Chaff Bugs: Deterring attackers by making software buggier, arXiv:1808.0065, 2018. https:\/\/arxiv.org\/abs\/1808.00659. Accessed December 5, 2023."},{"key":"3826_CR149","first-page":"81","volume":"13","author":"D. R. Kaprekar","year":"1980","unstructured":"Kaprekar, D. R., On Kaprekar numbers, Journal of Recreational Mathematics, 1980, vol. 13, no. 2, pp. 81\u201382.","journal-title":"Journal of Recreational Mathematics"},{"key":"3826_CR150","series-title":"Lectures on Runtime Verification. Introductory and Advanced Topics","volume-title":"LNCS 10457","year":"2018","unstructured":"Bartocci, E. and Falcone, Y. (eds), Lectures on Runtime Verification. Introductory and Advanced Topics, in LNCS 10457, Springer, 2018."},{"key":"3826_CR151","doi-asserted-by":"publisher","unstructured":"Drusinsky, D., The Temporal Rover and the ATG Rover, in Havelund, K., Penix, J., and Visser., W. (eds), SPIN Model Checking and Software Verification (SPIN 2000). LNCS 1885, Springer, 2000, pp. 323\u2013330. https:\/\/doi.org\/10.1007\/10722468_19","DOI":"10.1007\/10722468_19"},{"key":"3826_CR152","unstructured":"Havelund, K. and Ro\u015fu, G., Java PathExplorer \u2013 A runtime verification tool, Proc. of 6th International Symposium on Artificial Intelligence, Robotics and Automation in Space (i-SAIRAS'01), 2001."},{"key":"3826_CR153","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1016\/j.jlap.2008.08.004","volume":"78","author":"M. Leucker","year":"2009","unstructured":"Leucker, M. and Schallhart, C., A brief account of runtime verification, Journal of Logic and Algebraic Programming, 2009, vol. 78, no. 5, pp. 293\u2013303. https:\/\/doi.org\/10.1016\/j.jlap.2008.08.004","journal-title":"Journal of Logic and Algebraic Programming"},{"key":"3826_CR154","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/s10009-021-00609-z","volume":"23","author":"Y. Falcone","year":"2021","unstructured":"Falcone, Y., Krsti\u0107, S., Reger, G., and Traytel, D., A taxonomy for classifying runtime verification tools, International Journal on Software Tools for Technology Transfer, 2021, vol. 23, pp. 255\u2013284. https:\/\/doi.org\/10.1007\/s10009-021-00609-z","journal-title":"International Journal on Software Tools for Technology Transfer"},{"key":"3826_CR155","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/s10703-019-00337-w","volume":"54","author":"C. S\u00e1nchez","year":"2019","unstructured":"S\u00e1nchez, C., Schneider, G., Ahrendt, W., Bartocci, E., Bianculli, D., Colombo, C., Falcone, Y., Francalanza, A., Krsti\u0107, S., Louren\u00e7o, J. M., Nickovic, D., Pace, G. J., Rufino, J., Signoles, J., Traytel, D., and Weiss, A., A\u00a0survey of challenges for runtime verification from advanced application domains (beyond software), Formal Methods in System Design, 2019, vol. 54, pp. 279\u2013335. https:\/\/doi.org\/10.1007\/s10703-019-00337-w","journal-title":"Formal Methods in System Design"},{"key":"3826_CR156","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/s12243-015-0457-8","volume":"70","author":"A. R. Cavalli","year":"2015","unstructured":"Cavalli, A. R., Higashino, T., and N\u00fa\u00f1ez, M., A survey on formal active and passive testing with applications to the cloud, Annals of Telecommunications, 2015, vol. 70, pp. 85\u201393. https:\/\/doi.org\/10.1007\/s12243-015-0457-8","journal-title":"Annals of Telecommunications"},{"key":"3826_CR157","unstructured":"Itkin, I. and Yavorskiy, R., Overview of applications of passive testing techniques, Modeling and Analysis of Complex Systems and Processes, 2019. https:\/\/ceur-ws.org\/Vol-2478\/paper9.pdf. Accessed June 20, 2023."},{"key":"3826_CR158","doi-asserted-by":"publisher","unstructured":"Edwards, A., Jaeger, T., and Zhang, X., Runtime verification of authorization hook placement for the Linux security modules framework, Proc. of 9th ACM Conference on Computer and Communications Security, 2002, pp. 225\u2013234. https:\/\/doi.org\/10.1145\/586110.586141","DOI":"10.1145\/586110.586141"},{"key":"3826_CR159","unstructured":"Sarrab, M. K., Policy-Based Runtime Verification of Information Flow, PhD Thesis, Leicester: Software Technology Research Laboratory, De Monfort University, 2011."},{"key":"3826_CR160","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-54997-8_12","volume-title":"Runtime verification of Linux kernel security module, Proc. of International Workshop on Formal Methods, LNCS 12233","author":"D. Efremov","year":"2020","unstructured":"Efremov, D. and Shchepetkov, I., Runtime verification of Linux kernel security module, Proc. of International Workshop on Formal Methods, LNCS 12233, Springer, 2020, pp. 185\u2013199. \nhttps:\/\/arxiv.org\/pdf\/2001.01442.pdf. https:\/\/doi.org\/10.1007\/978-3-030-54997-8_12"},{"key":"3826_CR161","doi-asserted-by":"publisher","unstructured":"Efremov, D. V., Kopach, V. V., Kornykhin, E. V., Kulyamin, V. V., Petrenko, A. K., Khoroshilov, A. V., and Shchepetkov, I. V., Monitoring and testing OS modules based on abstract models of the system\u2019s behavior, Trudy Instituta systemnogo programmirovaniya RAN (Proc. of ISP RAS), 2021, vol. 33, no. 6, pp. 15\u201326. https:\/\/doi.org\/10.15514\/ISPRAS-2021-33(6)-2","DOI":"10.15514\/ISPRAS-2021-33(6)-2"},{"key":"3826_CR162","series-title":"First international competition on runtime verification","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11164-3_1","volume-title":"Runtime Verification 2014. LNCS 8734","author":"E. Bartocci","year":"2014","unstructured":"Bartocci, E., Bonakdarpour, B., and Falcone, Y., First international competition on runtime verification, in Bonakdarpour, B. \n               and \n               Smolka, S. A. \n               (eds.), \n               Runtime Verification 2014. LNCS 8734, Springer, 2014, pp. 1\u20139. https:\/\/doi.org\/10.1007\/978-3-319-11164-3_1"},{"key":"3826_CR163","series-title":"Second international competition on runtime verification","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23820-3_27","volume-title":"Runtime Verification 2015. LNCS 9333","author":"Y. Falcone","year":"2015","unstructured":"Falcone, Y., Ni\u010dkovi\u0107, D., Reger, G., and Thoma, D., Second international competition on runtime verification, in Bartocci, E. \n               and \n               Majumdar, R. \n               (eds), \n               Runtime Verification 2015. LNCS 9333, Springer, 2015, pp. 405\u2013422. https:\/\/doi.org\/10.1007\/978-3-319-23820-3_27"},{"key":"3826_CR164","series-title":"Third international competition on runtime verification","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-46982-9_3","volume-title":"Runtime Verification 2016. LNCS 10012","author":"G. Reger","year":"2016","unstructured":"Reger, G., Hall\u00e9, S., and Falcone, Y., Third international competition on runtime verification, in Falcone, Y. \n               and \n               S\u00e1nchez, C. \n               (eds), \n               Runtime Verification 2016. LNCS 10012, Springer, 2016, pp. 21\u201337. https:\/\/doi.org\/10.1007\/978-3-319-46982-9_3"},{"key":"3826_CR165","doi-asserted-by":"publisher","unstructured":"Delahaye, M., Kosmatov, N., and Signoles, J., Common specification language for static and dynamic analysis of C programs, Proc. of 28th Annual ACM Symposium on Applied Computing, 2013, pp. 1230\u20131235. https:\/\/doi.org\/10.1145\/2480362.2480593","DOI":"10.1145\/2480362.2480593"},{"key":"3826_CR166","unstructured":"E-ACSL. https:\/\/frama-c.com\/fc-plugins\/e-acsl.html. Accessed June 21, 2023."},{"key":"3826_CR167","unstructured":"E-ACSL Code. https:\/\/github.com\/evdenis\/e-acsl. Accessed June 21, 2023."},{"key":"3826_CR168","unstructured":"ANSI\/ISO C Specification Language. https:\/\/frama-c.com\/html\/acsl.html. Accessed June 21, 2023."},{"key":"3826_CR169","doi-asserted-by":"publisher","unstructured":"Navabpour, S., Joshi, Y., Wu, C. W. W., Berkovich, S., Medhat, R., Bonakdarpour, B., and Fischmeister, S., RiTHM: A tool for enabling time-triggered runtime verification for C programs, Proc. of 9th Joint Meeting on Foundations of Software Engineering (ESEC\/FSE 2013), 2013, pp. 603\u2013606. https:\/\/doi.org\/10.1145\/2491411.2494596","DOI":"10.1145\/2491411.2494596"},{"key":"3826_CR170","series-title":"Accelerated runtime verification of LTL specifications with counting semantics","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-46982-9_16","volume-title":"Runtime Verification 2016, LNCS 10012","author":"R. Medhat","year":"2016","unstructured":"Medhat, R., Joshi, Y., Bonakdarpour, B., and Fischmeister, S., Accelerated runtime verification of LTL specifications with counting semantics, in Falcone, Y. and S\u00e1nchez, C. (eds), Runtime Verification 2016, LNCS 10012, Springer, 2016, pp. 251\u2013267. https:\/\/arxiv.org\/abs\/1411.2239. https:\/\/doi.org\/10.1007\/978-3-319-46982-9_16"},{"key":"3826_CR171","doi-asserted-by":"publisher","unstructured":"Colombo, C., Pace, G. J., and Schneider, G., LARVA\u2014safer monitoring of real-time Java programs, Proc. of 7th IEEE International Conference on Software Engineering and Formal Methods, 2009, pp. 33\u201337. https:\/\/doi.org\/10.1109\/SEFM.2009.13","DOI":"10.1109\/SEFM.2009.13"},{"key":"3826_CR172","unstructured":"LARVA. http:\/\/www.cs.um.edu.mt\/~svrg\/Tools\/LARVA\/. Accessed June 21, 2023."},{"key":"3826_CR173","unstructured":"LARVA Code. https:\/\/github.com\/ccol002\/larva-rv-tool. Accessed June 21, 2023."},{"key":"3826_CR174","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03240-0_13","volume-title":"Dynamic event-based runtime monitoring of real-time and contextual properties, Proc. of Formal Methods for Industrial Critical Systems (FMICS 2008), LNCS 5596","author":"C. Colombo","year":"2008","unstructured":"Colombo, C., Pace, G. J., and Schneider, G., Dynamic event-based runtime monitoring of real-time and contextual properties, Proc. of Formal Methods for Industrial Critical Systems (FMICS 2008), LNCS 5596, Springer, 2008, pp. 135\u2013149. https:\/\/doi.org\/10.1007\/978-3-642-03240-0_13"},{"key":"3826_CR175","series-title":"RV-monitor: efficient parametric runtime verification with simultaneous properties","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11164-3_24","volume-title":"Runtime Verification 2014, LNCS 8734","author":"Q. Luo","year":"2014","unstructured":"Luo, Q., Zhang, Y., Lee, C., Jin, D., O\u2019Neil Meredith, P., Serbanuta, T.-F., and Ro\u015fu, G., RV-monitor: efficient parametric runtime verification with simultaneous properties, in Bonakdarpour, B. \n               and \n               Smolka, A. \n               (eds), \n               Runtime Verification 2014, LNCS 8734, Springer, 2014, pp. 285\u2013300. https:\/\/doi.org\/10.1007\/978-3-319-11164-3_24"},{"key":"3826_CR176","unstructured":"RV-Monitor Code. https:\/\/github.com\/runtimeverification\/rv-monitor. Accessed June 21, 2023."},{"key":"3826_CR177","series-title":"RV-Android: Efficient parametric Android runtime verification, a brief tutorial","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-23820-3_24","volume-title":"Runtime Verification 2015. LNCS 9333","author":"Y. Falcone","year":"2015","unstructured":"Falcone, Y., Meredith, P., \u015eerb\u0103nu\u0163\u0103, T. F., Shiriashi, S., Iwai, A., and Ro\u015fu, G., RV-Android: Efficient parametric Android runtime verification, a brief tutorial, in Bartocci, E. \n               and \n               Majumdar, R. \n               (eds), \n               Runtime Verification 2015. LNCS 9333, Springer, 2015, pp. 342\u2013357. https:\/\/doi.org\/10.1007\/978-3-319-23820-3_24"},{"key":"3826_CR178","doi-asserted-by":"publisher","unstructured":"Reger, G., Cruz, H. C., and Rydeheard, D. E., MarQ: Monitoring at runtime with QEA, Proc. of 21st International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2015), LNCS 9035, Sringer, 2015, pp. 596-610. https:\/\/doi.org\/10.1007\/978-3-662-46681-0_55","DOI":"10.1007\/978-3-662-46681-0_55"},{"key":"3826_CR179","doi-asserted-by":"publisher","unstructured":"Decker, N., Harder, J., Scheffel, T., Schmitz, M., and Thoma, D., Runtime monitoring with union-find structures, Proc. of 22nd International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2016), LNCS 9636, Springer, 2016, pp.\u00a0868\u2013884. https:\/\/doi.org\/10.1007\/978-3-662-49674-9_54","DOI":"10.1007\/978-3-662-49674-9_54"},{"key":"3826_CR180","unstructured":"Mufin Project. https:\/\/www.isp.uni-luebeck.de\/mufin. Accessed June 21, 2023."},{"key":"3826_CR181","doi-asserted-by":"publisher","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., and Vyukov, D., AddressSanitizer: A fast address sanity checker, Proc. of USENIX Annual Technical Conference, 2012, pp. 309\u2013318. https:\/\/doi.org\/10.5555\/2342821.2342849","DOI":"10.5555\/2342821.2342849"},{"key":"3826_CR182","unstructured":"AddressSanitizer. https:\/\/github.com\/google\/sanitizers\/wiki\/AddressSanitizer. Accessed June 22, 2023."},{"key":"3826_CR183","unstructured":"QASan (QEMU-AddressSanitizer). \nhttps:\/\/github.com\/andreafioraldi\/qasan. Accessed June 22, 2023."},{"key":"3826_CR184","doi-asserted-by":"publisher","unstructured":"Han, W., Joe, B., Lee, B., Song, C., and Shin, I., Enhancing memory error detection for large-scale applications and fuzz testing, Proc. of Network and Distributed System Security Symposium, 2018. https:\/\/doi.org\/10.14722\/ndss.2018.23318","DOI":"10.14722\/ndss.2018.23318"},{"key":"3826_CR185","doi-asserted-by":"publisher","first-page":"245","DOI":"10.1145\/1543135.1542504","volume":"44","author":"S. Nagarakatte","year":"2009","unstructured":"Nagarakatte, S., Zhao, J., Martin, M. M. K., and Zdancewic, S., SoftBound: Highly compatible and complete spatial memory safety for C, ACM SIGPLAN Notices, 2009, vol. 44, no. 6, pp. 245\u2013258. https:\/\/doi.org\/10.1145\/1543135.1542504","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR186","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1145\/1837855.1806657","volume":"45","author":"S. Nagarakatte","year":"2010","unstructured":"Nagarakatte, S., Zhao, J., Martin, M. M. K., and Zdancewic, S., CETS: Compiler enforced temporal safety for C, ACM SIGPLAN Notices, 2010, vol. 45, no.\u00a08, pp. 31\u201340. https:\/\/doi.org\/10.1145\/1837855.1806657","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR187","doi-asserted-by":"publisher","unstructured":"Lee, B., Song, C., Kim, T., and Lee, W., Type casting verification: Stopping an emerging attack vector, Proc. of 24th USENIX Security Symposium, 2015, pp. 81\u201396. https:\/\/doi.org\/10.5555\/2831143.2831149","DOI":"10.5555\/2831143.2831149"},{"key":"3826_CR188","doi-asserted-by":"publisher","unstructured":"Haller, I., Jeon, Y., Peng, H., Payer, M., Giuffrida, C., Bos, H., and van der Kouwe, E., TypeSan: Practical type confusion detection, Proc. of ACM SIGSAC Conference on Computer and Communications Security, 2016, pp. 517\u2013528. https:\/\/doi.org\/10.1145\/2976749.2978405","DOI":"10.1145\/2976749.2978405"},{"key":"3826_CR189","doi-asserted-by":"publisher","unstructured":"Jeon, Y., Biswas, P., Carr, S., Lee, B., and Payer, M., HexType: Efficient detection of type confusion errors for C++, Proc. of ACM SIGSAC Conference on Computer and Communications Security, 2017, pp. 2373\u20132387. https:\/\/doi.org\/10.1145\/3133956.3134062","DOI":"10.1145\/3133956.3134062"},{"key":"3826_CR190","doi-asserted-by":"publisher","unstructured":"Wang, X., Zeldovich, N., Kaashoek, M. F., and Solar-Lezama, A., Towards optimization-safe systems: Analyzing the impact of undefined behavior, Proc. of 24th ACM Symposium on Operating System Principles, 2013, pp. 260\u2013275. https:\/\/doi.org\/10.1145\/2517349.2522728","DOI":"10.1145\/2517349.2522728"},{"key":"3826_CR191","unstructured":"Valgrind. https:\/\/valgrind.org\/. Accessed June 21, 2023."},{"key":"3826_CR192","doi-asserted-by":"publisher","unstructured":"Seward, J. and Nethercote, N., Using Valgrind to detect undefined value errors with bit-precision, Proc. of USENIX Annual Technical Conference, 2005, pp. 2. https:\/\/doi.org\/10.5555\/1247360.1247362","DOI":"10.5555\/1247360.1247362"},{"key":"3826_CR193","doi-asserted-by":"publisher","unstructured":"Bruening, D. and Zhao, Q., Practical memory checking with Dr. Memory, Proc. of International Symposium on Code Generation and Optimization, 2011, pp. 213\u2013223. https:\/\/doi.org\/10.1109\/CGO.2011.5764689","DOI":"10.1109\/CGO.2011.5764689"},{"key":"3826_CR194","doi-asserted-by":"publisher","unstructured":"Stepanov, E. and Serebryany, K., MemorySanitizer: Fast detector of uninitialized memory use in C++, Proc. of IEEE\/ACM International Symposium on Code Generation and Optimization, 2015, pp. 46-55. https:\/\/doi.org\/10.1109\/CGO.2015.7054186","DOI":"10.1109\/CGO.2015.7054186"},{"key":"3826_CR195","unstructured":"MemorySanitizer in LLVM\/Clang. https:\/\/clang.llvm.org\/docs\/MemorySanitizer.html. Accessed June 22, 2023."},{"key":"3826_CR196","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2743019","volume":"25","author":"W. Dietz","year":"2015","unstructured":"Dietz, W., Li, P., Regehr, J., and Adve, V., Understanding integer overflow in C\/C++, ACM Transactions on Software Engineering and Methodology, 2015, vol. 25, no. 1, pp. 1\u201329. https:\/\/doi.org\/10.1145\/2743019","journal-title":"ACM Transactions on Software Engineering and Methodology"},{"key":"3826_CR197","unstructured":"UndefinedBehaviorSanitizer in LLVM\/Clang. https:\/\/clang.llvm.org\/docs\/UndefinedBehaviorSanitizer.html. Accessed June 22, 2023."},{"key":"3826_CR198","doi-asserted-by":"publisher","unstructured":"Serebryany, K. and Iskhodzhanov, T., ThreadSanitizer: Data race detection in practice, Proc. of Workshop on Binary Instrumentation and Applications, 2009, pp. 62\u201371. https:\/\/doi.org\/10.1145\/1791194.1791203","DOI":"10.1145\/1791194.1791203"},{"key":"3826_CR199","unstructured":"ThreadSanitizer in LLVM\/Clang. https:\/\/clang.llvm.org\/docs\/ThreadSanitizer.html. Accessed June 22, 2023."},{"key":"3826_CR200","doi-asserted-by":"publisher","first-page":"234","DOI":"10.1145\/390016.808445","volume":"10","author":"R. S. Boyer","year":"1975","unstructured":"Boyer, R. S., Elspas, B., and Levitt, K. N., SELECT\u2014a formal system for testing and debugging programs by symbolic execution, ACM SIGPLAN Notices, 1975, vol.\u00a010, no. 6, pp. 234\u2013245. https:\/\/doi.org\/10.1145\/390016.808445","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR201","doi-asserted-by":"publisher","first-page":"554","DOI":"10.1109\/T-C.1975.224259","volume":"C-24","author":"W. E. Howden","year":"1975","unstructured":"Howden, W. E., Methodology for the generation of program test data, IEEE Transactions on Computers, 1975, vol. C-24, no. 5, pp. 554\u2013560. https:\/\/doi.org\/10.1109\/T-C.1975.224259","journal-title":"IEEE Transactions on Computers"},{"key":"3826_CR202","doi-asserted-by":"publisher","unstructured":"King, J. C., A new approach to program testing, Proc. of International Conference on Reliable Software, 1975, pp. 228\u2013233. https:\/\/doi.org\/10.1145\/800027.808444","DOI":"10.1145\/800027.808444"},{"key":"3826_CR203","doi-asserted-by":"publisher","first-page":"385","DOI":"10.1145\/360248.360252","volume":"19","author":"J. C. King","year":"1976","unstructured":"King, J. C., Symbolic execution and program testing, Communications of the ACM, 1976, vol. 19, no. 7, pp.\u00a0385\u2013394. https:\/\/doi.org\/10.1145\/360248.360252","journal-title":"Communications of the ACM"},{"key":"3826_CR204","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1145\/2408776.2408795","volume":"56","author":"C. Cadar","year":"2013","unstructured":"Cadar, C. and Sen, K., Symbolic execution for software testing: Three decades later, Communications of ACM, 2013, vol. 56, no. 2, pp. 82\u201390. https:\/\/doi.org\/10.1145\/2408776.2408795","journal-title":"Communications of ACM"},{"key":"3826_CR205","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3182657","volume":"51","author":"R. Baldoni","year":"2018","unstructured":"Baldoni, R., Coppa, E., Cono D\u2019Elia, D., Demetrescu, C., and Finocchi, I., A survey of symbolic execution techniques, ACM Computing Surveys, 2018, vol. 51, no.\u00a03, pp. 1\u201339. https:\/\/arxiv.org\/abs\/1610.00502. https:\/\/doi.org\/10.1145\/3182657","journal-title":"ACM Computing Surveys"},{"key":"3826_CR206","unstructured":"Avgerinos, T., Cha, S. K., Lim, B.T.H., and Brumley, D., AEG: Automatic exploit generation, Proc. of Network and Distributed System Security Symposium, 2011, pp. 283\u2013300."},{"key":"3826_CR207","doi-asserted-by":"publisher","unstructured":"Mi, X., Rawat, S., Giuffrida, C., and Bos, H., LeanSym: Efficient hybrid fuzzing through conservative constraint debloating, Proc. of 24th International Symposium on Research in Attacks, Intrusions and Defenses (RAID '21), 2012, pp. 62\u201377. https:\/\/doi.org\/10.1145\/3471621.3471852","DOI":"10.1145\/3471621.3471852"},{"key":"3826_CR208","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1145\/1190215.1190226","volume":"42","author":"P. Godefroid","year":"2007","unstructured":"Godefroid, P., Compositional dynamic test generation, ACM SIGPLAN Notices, 2007, vol. 42, no. 1, pp. 47\u201354. https:\/\/doi.org\/10.1145\/1190215.1190226","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR209","doi-asserted-by":"publisher","unstructured":"Godefroid, P. and Luchaup, D., Automatic partial loop summarization in dynamic test generation, Proc. of International Symposium on Software Testing and Analysis (ISSTA\u201911), 2011, pp. 23-33. https:\/\/doi.org\/10.1145\/2001420.2001424","DOI":"10.1145\/2001420.2001424"},{"key":"3826_CR210","doi-asserted-by":"publisher","unstructured":"Xie, X., Chen, B., Liu, Y., Le, W., and Li, X., Proteus: Computing disjunctive loop summary via path dependency analysis, Proc. of 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE\u201916), 2016, pp. 61\u201372. https:\/\/doi.org\/10.1145\/2950290.2950340","DOI":"10.1145\/2950290.2950340"},{"key":"3826_CR211","doi-asserted-by":"publisher","unstructured":"McMillan, K. L., Lazy annotation for program testing and verification, Proc. of 22nd International Conference on Computer Aided Verification (CAV\u201910), LNCS 6174, 2010, pp. 104\u2013118. https:\/\/doi.org\/10.1007\/978-3-642-14295-6_10","DOI":"10.1007\/978-3-642-14295-6_10"},{"key":"3826_CR212","doi-asserted-by":"publisher","unstructured":"Yi, Q., Yang, Z., Guo, S., Wang, C., Liu, J., and Zhao, C., Postconditioned symbolic execution, Proc. of IEEE 8th International Conference on Software Testing, Verification and Validation (ICST), 2015, pp. 1\u201310. https:\/\/doi.org\/10.1109\/ICST.2015.7102601","DOI":"10.1109\/ICST.2015.7102601"},{"key":"3826_CR213","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1145\/2345156.2254088","volume":"47","author":"V. Kuznetsov","year":"2012","unstructured":"Kuznetsov, V., Kinder, J., Bucur, S., and Candea, G., Efficient state merging in symbolic execution, ACM SIGPLAN Notices, 2012, vol. 47, no. 6, pp. 193\u2013204. https:\/\/doi.org\/10.1145\/2345156.2254088","journal-title":"ACM SIGPLAN Notices"},{"key":"3826_CR214","doi-asserted-by":"publisher","unstructured":"Song, D., Brumley, D., Yin, H., Caballero, J., Jager, I., Kang, M. G., Liang, Z., Newsome, J., Poosankam, P., and Saxena, P., BitBlaze: A new approach to computer security via binary analysis, Proc. of 4th International Conference on Information Systems Security ((ICISS\u201908), LNCS 5352, 2008, pp. 1\u201325. https:\/\/doi.org\/10.1007\/978-3-540-89862-7_1","DOI":"10.1007\/978-3-540-89862-7_1"},{"key":"3826_CR215","unstructured":"BitBlaze: Binary Analysis for Computer Security. http:\/\/bitblaze.cs.berkeley.edu\/. Accessed June 27, 2023."},{"key":"3826_CR216","doi-asserted-by":"publisher","unstructured":"Brumley, D., Jager, I., Avgerinos, T., and Schwartz, E. J., BAP: A binary analysis platform, Proc. of 23rd International Conference on Computer Aided Verification (CAV\u201911), LNCS 6806, 2011, pp. 463\u2013469. https:\/\/doi.org\/10.1007\/978-3-642-22110-1_37","DOI":"10.1007\/978-3-642-22110-1_37"},{"key":"3826_CR217","unstructured":"Kus, D., Towards symbolic pointers reasoning in dynamic symbolic execution, arXiv \n               2109.03698, 2022. https:\/\/arxiv.org\/abs\/2109.03698. Accessed December 5, 2023."},{"key":"3826_CR218","doi-asserted-by":"publisher","unstructured":"Shoshitaishvili, Y., Wang, R., Salls, C., Stephens, N., Polino, M., Dutcher, A., Grosen, J., Feng, S., Hauser, C., Kruegel, C., and Vigna, G., SOK: (State of) the art of war: Offensive techniques in binary analysis, Proc. of IEEE Symposium on Security and Privacy, 2016, pp.\u00a0138\u2013157. https:\/\/doi.org\/10.1109\/SP.2016.17","DOI":"10.1109\/SP.2016.17"},{"key":"3826_CR219","doi-asserted-by":"publisher","unstructured":"Poeplau, S. and Francillon, A., Symbolic execution with SymCC: Don\u2019t interpret, compile! Proc. of 29th USENIX Security Symposium, 2020, pp. 181\u2013198. https:\/\/doi.org\/10.5555\/3489212.3489223","DOI":"10.5555\/3489212.3489223"},{"key":"3826_CR220","doi-asserted-by":"publisher","unstructured":"Borzacchiello, L., Coppa, E., and Demetrescu, C., FUZZOLIC: Mixing fuzzing and concolic execution, Computers and Security, 2021, vol. 108, no. C. https:\/\/doi.org\/10.1016\/j.cose.2021.102368","DOI":"10.1016\/j.cose.2021.102368"},{"key":"3826_CR221","unstructured":"Wang, T., Wei, T., Lin, Z., and Zhou, W., IntScope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution, Proc of Network and Distributed System Security Simposium, 2009."},{"key":"3826_CR222","doi-asserted-by":"publisher","unstructured":"Chen, Y., Li, P., Xu, J., Guo, S., Zhou, R., Zhang, Y., Wei, T., and Lu, L., SAVIOR: Towards bug-driven hybrid testing, Proc. of IEEE Symposium on Security and Privacy, 2020, pp. 1580\u20131596. https:\/\/arxiv.org\/abs\/1906.07327. https:\/\/doi.org\/10.1109\/SP40000.2020.00002","DOI":"10.1109\/SP40000.2020.00002"},{"key":"3826_CR223","doi-asserted-by":"publisher","unstructured":"\u00d6sterlund, S., Razavi, K., Bos, H., and Giuffrida, C., ParmeSan: Sanitizer-guided greybox fuzzing, Proc. of 29th USENIX Conference on Security (SEC'20), pp. 2289\u20132306. https:\/\/doi.org\/10.5555\/3489212.3489341","DOI":"10.5555\/3489212.3489341"},{"key":"3826_CR224","doi-asserted-by":"publisher","unstructured":"Dovgalyuk, P. M., Klimushenkova, M. A., Fursova, N. I., Stepanov V. M., Vasiliev I. A., Ivanov, A. A., Ivanov, A. V., Bakulin, M. G., and Egorov, D. I., Natch: detecting the software attack surface with virtual machine introspection and taint analysis, Trudy Instituta systemnogo programmirovaniya RAN (Proc. of ISP RAS), 2022, vol.\u00a034, no. 5, pp. 89\u2013110. https:\/\/doi.org\/10.15514\/ISPRAS-2022-34(5)-6","DOI":"10.15514\/ISPRAS-2022-34(5)-6"},{"key":"3826_CR225","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1134\/S0361768810040055","volume":"36","author":"I. K. Isaev","year":"2010","unstructured":"Isaev, I. K. and Sidorov, D. V., The use of dynamic analysis for generation of input data that demonstrates critical bugs and vulnerabilities in programs, Programming and Computer Software, 2010, vol. 36, no. 40, pp.\u00a0225\u2013236. https:\/\/doi.org\/10.1134\/S0361768810040055","journal-title":"Programming and Computer Software"},{"key":"3826_CR226","doi-asserted-by":"crossref","unstructured":"Ermakov, M. K. and Gerasimov, A. Yu., Avalanche: using parallel and distributed dynamic software analysis to improve defect detection, Trudy Instituta systemnogo programmirovaniya RAN (Proc. of ISP RAS), 2013, vol.\u00a025, pp. 29\u201338.","DOI":"10.15514\/ISPRAS-2013-25-2"}],"container-title":["Programming and Computer Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1134\/S0361768824010079.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1134\/S0361768824010079","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1134\/S0361768824010079.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T02:49:57Z","timestamp":1775011797000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1134\/S0361768824010079"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,2]]},"references-count":226,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,2]]}},"alternative-id":["3826"],"URL":"https:\/\/doi.org\/10.1134\/s0361768824010079","relation":{},"ISSN":["0361-7688","1608-3261"],"issn-type":[{"value":"0361-7688","type":"print"},{"value":"1608-3261","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,2]]},"assertion":[{"value":"17 December 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 December 2023","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 December 2023","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 May 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The author of this work declares that he has no conflicts of interest.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"CONFLICT OF INTEREST"}}]}}