{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,28]],"date-time":"2026-03-28T16:58:25Z","timestamp":1774717105319,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":62,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,10,30]],"date-time":"2017-10-30T00:00:00Z","timestamp":1509321600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Institute for Information & communications Technology Promotion Korea","award":["B0717- 16-0109"],"award-info":[{"award-number":["B0717- 16-0109"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,10,30]]},"DOI":"10.1145\/3133956.3134103","type":"proceedings-article","created":{"date-parts":[[2017,10,27]],"date-time":"2017-10-27T12:48:18Z","timestamp":1509108498000},"page":"2345-2358","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":79,"title":["IMF"],"prefix":"10.1145","author":[{"given":"HyungSeok","family":"Han","sequence":"first","affiliation":[{"name":"Korea Advanced Institute of Science and Technology, Daejeon, South Korea"}]},{"given":"Sang Kil","family":"Cha","sequence":"additional","affiliation":[{"name":"Korea Advanced Institute of Science and Technology, Daejeon, South Korea"}]}],"member":"320","published-online":{"date-parts":[[2017,10,30]]},"reference":[{"key":"e_1_3_2_2_1_1","volume-title":"[n. d.]. Compilers: Principles, Techniques, and Tools","author":"Aho Alfred V.","unstructured":"Alfred V. Aho, Monica S. Lam, Ravi Sethi, and Jeffrey D. Ullman. [n. d.]. Compilers: Principles, Techniques, and Tools (2nd ed.). Addison Wesley.","edition":"2"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/11836810_25"},{"key":"e_1_3_2_2_3_1","unstructured":"Paul Barton. 2013. PyUserInput. https:\/\/github.com\/SavinaRoja\/PyUserInput. (2013)."},{"key":"e_1_3_2_2_4_1","volume-title":"pwn4fun","author":"Beer Ian","year":"2014","unstructured":"Ian Beer. 2014. pwn4fun Spring 2014--Safari--Part II. http:\/\/googleprojectzero. blogspot.com\/2014\/11\/pwn4fun-spring-2014-safari-part-ii.html. (2014)."},{"key":"e_1_3_2_2_5_1","volume-title":"Proceedings of the ACM Conference on Computer and Communications Security. 1032--1043","author":"B\u00f6hme Marcel","year":"2016","unstructured":"Marcel B\u00f6hme, Van-Thuan Pham, and Abhik Roychoudhury. 2016. Coveragebased Greybox Fuzzing as Markov Chain. In Proceedings of the ACM Conference on Computer and Communications Security. 1032--1043."},{"key":"e_1_3_2_2_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315286"},{"key":"e_1_3_2_2_7_1","volume-title":"Proceedings of the USENIX Symposium on Operating System Design and Implementation. 209--224","author":"Cadar Cristian","year":"2008","unstructured":"Cristian Cadar, Daniel Dunbar, and Dawson Engler. 2008. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In Proceedings of the USENIX Symposium on Operating System Design and Implementation. 209--224."},{"key":"e_1_3_2_2_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.50"},{"key":"e_1_3_2_2_9_1","unstructured":"Liang Chen Marco Grassi and Qidan He. 2016. Don't Trust Your Eye: Apple Graphics Is Compromised!. In CanSecWest. https:\/\/cansecwest.com\/slides\/2016\/ CSW2016Chen-Grassi-HeAppleGraphicsIsCompromised.pdf"},{"key":"e_1_3_2_2_10_1","volume-title":"Proceedings of the International Conference on Computational Sciences and Its Applications. 19--25","author":"Choi YoungHan","year":"2008","unstructured":"YoungHan Choi, HyoungChun Kim, HyungGeun Oh, and Dohoon Lee. 2008. CallFlow Aware API Fuzz Testing for Security of Windows Systems. In Proceedings of the International Conference on Computational Sciences and Its Applications. 19--25."},{"key":"e_1_3_2_2_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1287624.1287628"},{"key":"e_1_3_2_2_12_1","unstructured":"CIFASIS. 2016. Neural Fuzzer. http:\/\/neural-fuzzer.org. (2016)."},{"key":"e_1_3_2_2_13_1","unstructured":"Jonathan Corbet. 2012. Supervisor mode access prevention. https:\/\/lwn.net\/ Articles\/517475\/. (2012)."},{"key":"e_1_3_2_2_14_1","unstructured":"Jonathan Corbet and Greg Kroah-Hartman. 2016. Linux Kernel Development. http:\/\/go.linuxfoundation.org\/linux-kernel-development-report-2016. (2016)."},{"key":"e_1_3_2_2_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455820"},{"key":"e_1_3_2_2_16_1","unstructured":"Michael Eddington. 2004. Peach Fuzzing Platform. http:\/\/peachfuzzer.com. (2004)."},{"key":"e_1_3_2_2_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSTW.2014.7"},{"key":"e_1_3_2_2_18_1","volume-title":"Security and Privacy in Communication Networks","author":"Gascon Hugo","unstructured":"Hugo Gascon, Christian Wressnegger, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck. 2015. Security and Privacy in Communication Networks. Springer International Publishing. 330--347 pages."},{"key":"e_1_3_2_2_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2011.116"},{"key":"e_1_3_2_2_20_1","volume-title":"Proceedings of the USENIX Security Symposium. 445--458","author":"Holler Christian","year":"2012","unstructured":"Christian Holler, Kim Herzig, and Andreas Zeller. 2012. Fuzzing with Code Fragments. In Proceedings of the USENIX Security Symposium. 445--458."},{"key":"e_1_3_2_2_21_1","unstructured":"George Hotz. 2013. machfuzzer. https:\/\/github.com\/geohot\/jenkyiphonetools\/ blob\/master\/machfuzzer. (2013)."},{"key":"e_1_3_2_2_22_1","unstructured":"Apple Inc. 2013. Kernel Architecture Overview. https:\/\/developer.apple.com\/ library\/content\/documentation\/Darwin\/Conceptual\/KernelProgramming\/Architecture\/Architecture.html. (2013)."},{"key":"e_1_3_2_2_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978321"},{"key":"e_1_3_2_2_24_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Johnson Rob","year":"2004","unstructured":"Rob Johnson and David Wagner. 2004. Finding User\/Kernel Pointer Bugs with Type Inference. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_2_25_1","unstructured":"Dave Jones. 2010. trinity. https:\/\/github.com\/kernelslacker\/trinity. (2010)."},{"key":"e_1_3_2_2_26_1","unstructured":"Mateusz Jurczyk. 2012. csrss_win32k_fuzzer. http:\/\/j00ru.vexillium.org\/?p=1455. (2012)."},{"key":"e_1_3_2_2_27_1","doi-asserted-by":"publisher","unstructured":"Rauli Kaksonen Marko Laakso and Ari Takanen. 2001. Software Security Assessment through Specification Mutations and Fault Injection. In Communications and Multimedia Security. 173--183. 10.1007\/978-0-387-35413-2_16","DOI":"10.1007\/978-0-387-35413-2_16"},{"key":"e_1_3_2_2_28_1","volume-title":"Proceedings of the USENIX Security Symposium. 957--972","author":"Kemerlis Vasileios P.","unstructured":"Vasileios P. Kemerlis, Michalis Polychronakis, and Angelos D. Keromytis. 2014. ret2dir: Rethinking Kernel Isolation. In Proceedings of the USENIX Security Symposium. 957--972."},{"key":"e_1_3_2_2_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/2560537"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_3_2_2_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/RELDIS.1997.632800"},{"key":"e_1_3_2_2_32_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium.","author":"Kurmus Anil","year":"2013","unstructured":"Anil Kurmus, Reinhard Tartler, Daniela Dorneanu, Bernhard Heinloth, Valentin Rothberg, Andreas Ruprecht, Wolfgang Schroder-Preikschat, Daniel Lohmann, and Rudiger Kapitza. 2013. Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring. In Proceedings of the Network and Distributed System Security Symposium."},{"key":"e_1_3_2_2_33_1","unstructured":"MWR Labs. 2016. KernelFuzzer. https:\/\/github.com\/mwrlabs\/KernelFuzzer. (2016)."},{"key":"e_1_3_2_2_34_1","unstructured":"Tin Le. 1991. tsys. http:\/\/groups.google.com\/groups?q=syscall+crashme&hl= en&lr=&ie=UTF-8&selm=1991Sep20.232550.5013%40smsc.sony.com&rnum=1. (1991)."},{"key":"e_1_3_2_2_35_1","unstructured":"Jonathan Levin. 2013. Mac OS X and iOS Internals: To the Apple's Core. Wrox."},{"key":"e_1_3_2_2_36_1","unstructured":"Moony Li. 2016. Active fuzzing as complementary for passive fuzzing. In PacSec."},{"key":"e_1_3_2_2_37_1","unstructured":"Lei Long. 2015. Optimized Fuzzing IOKIT in iOS. In Black Hat USA."},{"key":"e_1_3_2_2_38_1","unstructured":"MITRE. 2015. CVE-2015--5845. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name= CVE-2015--5845. (2015)."},{"key":"e_1_3_2_2_39_1","unstructured":"MITRE. 2015. CVE-2015--7077. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name= CVE-2015--7077. (2015)."},{"key":"e_1_3_2_2_40_1","unstructured":"NCC Group. 2016. Triforce Linux Syscall Fuzzer. https:\/\/github.com\/nccgroup\/ TriforceLinuxSyscallFuzzer. (2016)."},{"key":"e_1_3_2_2_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2005.55"},{"key":"e_1_3_2_2_42_1","unstructured":"Dmytro Oleksiuk. 2009. IOCTL fuzzer. https:\/\/github.com\/Cr4sh\/ioctlfuzzer. (2009)."},{"key":"e_1_3_2_2_43_1","unstructured":"Oracle. 2016. Kernel-Fuzzing. https:\/\/github.com\/oracle\/kernel-fuzzing. (2016)."},{"key":"e_1_3_2_2_44_1","unstructured":"Tavis Ormandy. 2010. iknowthis. https:\/\/code.google.com\/archive\/p\/iknowthis\/. (2010)."},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2007.37"},{"key":"e_1_3_2_2_46_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23404"},{"key":"e_1_3_2_2_47_1","volume-title":"Proceedings of the USENIX Security Symposium. 861--875","author":"Rebert Alexandre","year":"2014","unstructured":"Alexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan Foote, David Warren, Gustavo Grieco, and David Brumley. 2014. Optimizing Seed Selection for Fuzzing. In Proceedings of the USENIX Security Symposium. 861--875."},{"key":"e_1_3_2_2_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2012.63"},{"key":"e_1_3_2_2_49_1","unstructured":"sqrkkyu and twzi. 2007. Attacking the Core: Kernel Exploiting Notes. http: \/\/phrack.org\/issues\/64\/6.html. (2007)."},{"key":"e_1_3_2_2_50_1","unstructured":"Robert Swiecki and Felix Gr\u00f6bert. 2010. honggfuzz. https:\/\/github.com\/google\/honggfuzz. (2010)."},{"key":"e_1_3_2_2_51_1","unstructured":"Luca Todesco. 2015. Attacking the XNU Kernel in El Capitan. In Black Hat EU."},{"key":"e_1_3_2_2_52_1","volume-title":"Chaos Communication Congress.","author":"van Sprundel Ilja","year":"2005","unstructured":"Ilja van Sprundel. 2005. Fuzzing: Breaking software in an automated fashion. In Chaos Communication Congress."},{"key":"e_1_3_2_2_53_1","unstructured":"Dmitry Vyukov. 2015. Syzkaller. https:\/\/github.com\/google\/syzkaller. (2015)."},{"key":"e_1_3_2_2_54_1","volume-title":"Proceedings of the USENIX Symposium on Operating System Design and Implementation. 163--177","author":"Wang Xi","unstructured":"Xi Wang, Haogang Chen, Zhihao Jia, Nickolai Zeldovich, and M. Frans Kaashoek. 2012. Improving Integer Security for Systems with KINT. In Proceedings of the USENIX Symposium on Operating System Design and Implementation. 163--177."},{"key":"e_1_3_2_2_55_1","volume-title":"Weaver and Dave Jones","author":"Vincent","year":"2015","unstructured":"Vincent M. Weaver and Dave Jones. 2015. perf_fuzzer: Targeted Fuzzing of the perf_event_open() System Call. Technical Report. UMaine VMW Group."},{"key":"e_1_3_2_2_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516736"},{"key":"e_1_3_2_2_57_1","unstructured":"Chen Xiaobo and Xu Hao. 2012. Find Your Own iOS Kernel Bug. In Power of Community."},{"key":"e_1_3_2_2_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813637"},{"key":"e_1_3_2_2_59_1","doi-asserted-by":"publisher","DOI":"10.1145\/1622176.1622213"},{"key":"e_1_3_2_2_60_1","unstructured":"Michal Zalewski. 2014. American Fuzzy Lop. http:\/\/lcamtuf.coredump.cx\/afl\/. (2014)."},{"key":"e_1_3_2_2_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/2018396.2018419"},{"key":"e_1_3_2_2_62_1","unstructured":"Markus Zimmermann. 2014. Tavor. https:\/\/github.com\/zimmski\/tavor. (2014)."}],"event":{"name":"CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security","location":"Dallas Texas USA","acronym":"CCS '17","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134103","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3133956.3134103","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:11:03Z","timestamp":1750212663000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3133956.3134103"}},"subtitle":["Inferred Model-based Fuzzer"],"short-title":[],"issued":{"date-parts":[[2017,10,30]]},"references-count":62,"alternative-id":["10.1145\/3133956.3134103","10.1145\/3133956"],"URL":"https:\/\/doi.org\/10.1145\/3133956.3134103","relation":{},"subject":[],"published":{"date-parts":[[2017,10,30]]},"assertion":[{"value":"2017-10-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}