{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T03:46:13Z","timestamp":1769744773862,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T00:00:00Z","timestamp":1726012800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,11]]},"DOI":"10.1145\/3650212.3680387","type":"proceedings-article","created":{"date-parts":[[2024,9,11]],"date-time":"2024-09-11T11:44:25Z","timestamp":1726055065000},"page":"1631-1642","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["An Empirical Examination of Fuzzer Mutator Performance"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-9847-7897","authenticated-orcid":false,"given":"James","family":"Kukucka","sequence":"first","affiliation":[{"name":"George Mason University, Fairfax, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4585-5259","authenticated-orcid":false,"given":"Lu\u00eds","family":"Pina","sequence":"additional","affiliation":[{"name":"University of Illinois at Chicago, Chicago, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-8470-2917","authenticated-orcid":false,"given":"Paul","family":"Ammann","sequence":"additional","affiliation":[{"name":"George Mason University, Fairfax, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1187-9298","authenticated-orcid":false,"given":"Jonathan","family":"Bell","sequence":"additional","affiliation":[{"name":"Northeastern University, Boston, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,9,11]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"[n.d.]. CVE - CVE-2015-8784 \u2014 cve.mitre.org. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2015-8784"},{"key":"e_1_3_2_1_2_1","first-page":"04","volume":"1","author":"CVE","unstructured":"[n.d.]. CVE - CVE-2017-9048 \u2014 cve.mitre.org. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2017-9048 [Accessed 11-04-2024].","journal-title":"Accessed"},{"key":"e_1_3_2_1_3_1","unstructured":"[n.d.]. CVE - CVE-2018-13785 \u2014 cve.mitre.org. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2018-13785"},{"key":"e_1_3_2_1_4_1","first-page":"04","volume":"1","author":"CVE","unstructured":"[n.d.]. CVE - CVE-2019-10873 \u2014 cve.mitre.org. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-10873 [Accessed 11-04-2024].","journal-title":"Accessed"},{"key":"e_1_3_2_1_5_1","first-page":"04","volume":"1","author":"CVE","unstructured":"[n.d.]. CVE - CVE-2020-24369 \u2014 cve.mitre.org. https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-24369 [Accessed 11-04-2024].","journal-title":"Accessed"},{"key":"e_1_3_2_1_6_1","first-page":"04","volume":"1","author":"Fixed","unstructured":"[n.d.]. Fixed bug: Negation overflow in getlocal\/setlocal \u00b7 lua\/lua@a585eae \u2014 github.com. https:\/\/github.com\/lua\/lua\/commit\/a585eae6e7ada1ca9271607a4f48dfb17868ab7b [Accessed 11-04-2024].","journal-title":"Accessed"},{"key":"e_1_3_2_1_7_1","first-page":"04","volume":"1","author":"NVD","unstructured":"[n.d.]. NVD - CVE-2020-24370 \u2014 nvd.nist.gov. https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2020-24370 [Accessed 11-04-2024].","journal-title":"Accessed"},{"key":"e_1_3_2_1_8_1","first-page":"04","volume":"1","author":"Compiler Infrastructure The LLVM","unstructured":"[n.d.]. The LLVM Compiler Infrastructure Project \u2014 llvm.org. https:\/\/llvm.org [Accessed 12-04-2024].","journal-title":"Accessed"},{"key":"e_1_3_2_1_9_1","unstructured":"2023. Fuzzing Survey. https:\/\/fuzzing-survey.org\/"},{"key":"e_1_3_2_1_10_1","unstructured":"Cornelius Aschermann Sergej Schumilo Tim Blazytko Robert Gawlik and Thorsten Holz. [n.d.]. REDQUEEN: Fuzzing with Input-to-State Correspondence.."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978428"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510230"},{"key":"e_1_3_2_1_13_1","unstructured":"Oliver Chang Jonathan Metzman Max Moroz Martin Barbella and Abhishek Arya. 2016. OSS-Fuzz: Continuous Fuzzing for Open Source Software. URL: https:\/\/github. com\/google\/ossfuzz."},{"key":"e_1_3_2_1_14_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Chen Ju","year":"2022","unstructured":"Ju Chen, WookHyun Han, Mingjun Yin, Haochen Zeng, Chengyu Song, Byoungyoung Lee, Heng Yin, and Insik Shin. 2022. SYMSAN: Time and Space Efficient Concolic Execution via Dynamic Data-flow Analysis. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA. 2531\u20132548. isbn:978-1-939133-31-1 https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/chen-ju"},{"key":"e_1_3_2_1_15_1","volume-title":"2018 IEEE Symposium on Security and Privacy (SP). 711\u2013725","author":"Chen P.","unstructured":"P. Chen and H. Chen. 2018. Angora: Efficient Fuzzing by Principled Search. In 2018 IEEE Symposium on Security and Privacy (SP). 711\u2013725."},{"key":"e_1_3_2_1_16_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Chen Yuanliang","year":"2019","unstructured":"Yuanliang Chen, Yu Jiang, Fuchen Ma, Jie Liang, Mingzhe Wang, Chijin Zhou, Xun Jiao, and Zhuo Su. 2019. EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA. 1967\u20131983. isbn:978-1-939133-06-9 https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/chen-yuanliang"},{"key":"e_1_3_2_1_17_1","unstructured":"DARPA. 2016. DARPA Cyber Grand Challenge Sample Challenges. https:\/\/github.com\/CyberGrandChallenge\/samples\/"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.15"},{"key":"e_1_3_2_1_19_1","volume-title":"14th USENIX Workshop on Offensive Technologies (WOOT 20)","author":"Fioraldi Andrea","year":"2020","unstructured":"Andrea Fioraldi, Dominik Maier, Heiko Eibfeldt, and Marc Heuse. 2020. AFL++: Combining incremental steps of fuzzing research. In 14th USENIX Workshop on Offensive Technologies (WOOT 20)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/3580596"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"e_1_3_2_1_22_1","unstructured":"Google. 2022. honggfuzz. https:\/\/honggfuzz.dev"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2338965.2336763"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3428334"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2023.23159"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243804"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510628"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","unstructured":"James Kukucka Lu\u00eds Pina Paul Ammann and Jonathan Bell. 2024. Artifact to accompany \"An Empirical Examination of Fuzzer Mutator Performance\" (ISSTA 2024 article). https:\/\/doi.org\/10.5281\/zenodo.12655683 10.5281\/zenodo.12655683","DOI":"10.5281\/zenodo.12655683"},{"key":"e_1_3_2_1_29_1","unstructured":"LLVM Project. 2019. libFuzzer - a library for coverage-guided fuzz testing. https:\/\/llvm.org\/docs\/LibFuzzer.html"},{"key":"e_1_3_2_1_30_1","volume-title":"MOPT: Optimized Mutation Scheduling for Fuzzers. In 28th USENIX Security Symposium (USENIX Security 19)","author":"Lyu Chenyang","year":"2019","unstructured":"Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, and Raheem Beyah. 2019. MOPT: Optimized Mutation Scheduling for Fuzzers. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA. 1949\u20131966. isbn:978-1-939133-06-9 https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/lyu"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3468264.3473932"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3611643.3616308"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3447852.3458720"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330576"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Sanjay Rawat Vivek Jain Ashish Kumar Lucian Cojocar Cristiano Giuffrida and Herbert Bos. 2017. VUzzer: Application-aware Evolutionary Fuzzing. In NDSS. https:\/\/www.vusec.net\/download\/?t=papers\/vuzzer_ndss17.pdf","DOI":"10.14722\/ndss.2017.23404"},{"key":"e_1_3_2_1_36_1","volume-title":"Nicolai Bissantz, Marius Muench, and Thorsten Holz.","author":"Schloegel Moritz","year":"2024","unstructured":"Moritz Schloegel, Nils Bars, Nico Schiller, Lukas Bernhard, Tobias Scharnowski, Addison Crump, Arash Ale Ebrahim, Nicolai Bissantz, Marius Muench, and Thorsten Holz. 2024. SoK: Prudent Evaluation Practices for Fuzzing. arXiv preprint arXiv:2405.10220."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"crossref","unstructured":"Koushik Sen and Gul Agha. 2006. CUTE and jCUTE: Concolic Unit Testing and Explicit Path Model-Checking Tools. In CAV Thomas Ball and Robert B. Jones (Eds.). 419\u2013423.","DOI":"10.1007\/11817963_38"},{"key":"e_1_3_2_1_38_1","volume-title":"Driller: Augmenting Fuzzing Through Selective Symbolic Execution. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016","author":"Stephens Nick","year":"2016","unstructured":"Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting Fuzzing Through Selective Symbolic Execution. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21-24, 2016. The Internet Society. http:\/\/wp.internetsociety.org\/ndss\/wp-content\/uploads\/sites\/25\/2017\/09\/driller-augmenting-fuzzing-through-selective-symbolic-execution.pdf"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00081"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/2019599.2019600"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510174"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/10968987_3"},{"key":"e_1_3_2_1_43_1","unstructured":"Micha\u0142 Zalewski. 2014. Binary fuzzing strategies: What works what doesn\u2019t. https:\/\/lcamtuf.blogspot.com\/2014\/08\/binary-fuzzing-strategies-what-works.html"},{"key":"e_1_3_2_1_44_1","unstructured":"Michal Zalewski. 2019. American Fuzzy Lop. http:\/\/lcamtuf.coredump.cx\/afl\/technical_details.txt"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3580597"},{"key":"e_1_3_2_1_46_1","volume-title":"FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing. In 31st USENIX Security Symposium (USENIX Security 22)","author":"Zhang Zenong","year":"2022","unstructured":"Zenong Zhang, Zach Patterson, Michael Hicks, and Shiyi Wei. 2022. FIXREVERTER: A Realistic Bug Injection Methodology for Benchmarking Fuzz Testing. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association, Boston, MA. 3699\u20133715. isbn:978-1-939133-31-1 https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/zhang-zenong"},{"key":"e_1_3_2_1_47_1","volume-title":"Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019","author":"Zhao Lei","year":"2019","unstructured":"Lei Zhao, Yue Duan, Heng Yin, and Jifeng Xuan. 2019. Send Hardest Problems My Way: Probabilistic Path Prioritization for Hybrid Fuzzing. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24-27, 2019. https:\/\/www.ndss-symposium.org\/ndss-paper\/send-hardest-problems-my-way-probabilistic-path-prioritization-for-hybrid-fuzzing\/"}],"event":{"name":"ISSTA '24: 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis","location":"Vienna Austria","acronym":"ISSTA '24","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering","AITO"]},"container-title":["Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3650212.3680387","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3650212.3680387","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:58:09Z","timestamp":1750294689000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3650212.3680387"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,11]]},"references-count":47,"alternative-id":["10.1145\/3650212.3680387","10.1145\/3650212"],"URL":"https:\/\/doi.org\/10.1145\/3650212.3680387","relation":{},"subject":[],"published":{"date-parts":[[2024,9,11]]},"assertion":[{"value":"2024-09-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}