{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:39:39Z","timestamp":1780634379880,"version":"3.54.1"},"publisher-location":"New York, NY, USA","reference-count":73,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"UC Noyce Initiative","award":["N\/A"],"award-info":[{"award-number":["N\/A"]}]},{"DOI":"10.13039\/501100006374","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1956364"],"award-info":[{"award-number":["1956364"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3670396","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"3793-3807","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":31,"title":["Prompt Fuzzing for Fuzz Driver Generation"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-6766-6271","authenticated-orcid":false,"given":"Yunlong","family":"Lyu","sequence":"first","affiliation":[{"name":"Tencent Security Big Data Lab, Shanghai, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-3436-3205","authenticated-orcid":false,"given":"Yuxuan","family":"Xie","sequence":"additional","affiliation":[{"name":"Tencent Security Big Data Lab, Shanghai, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0005-7482-1359","authenticated-orcid":false,"given":"Peng","family":"Chen","sequence":"additional","affiliation":[{"name":"Tencent Security Big Data Lab, Shanghai, China"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4072-0710","authenticated-orcid":false,"given":"Hao","family":"Chen","sequence":"additional","affiliation":[{"name":"University of California, Davis, Davis, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3605157.3605173"},{"key":"e_1_3_2_1_2_1","first-page":"12","article-title":"A systematic evaluation of static api-misuse detectors","volume":"45","author":"Amann S.","year":"2018","unstructured":"Amann, S., Nguyen, H. A., Nadi, S., Nguyen, T. N., and Mezini, M. A systematic evaluation of static api-misuse detectors. IEEE Transactions on Software Engineering 45, 12 (2018), 1170--1188.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"e_1_3_2_1_3_1","unstructured":"Amiet N. Introducing fuzzomatic: Using ai to automatically fuzz rust projects from scratch. https:\/\/research.kudelskisecurity.com\/2023\/12\/07\/introducingfuzzomatic-using-ai-to-automatically-fuzz-rust-projects-from-scratch\/."},{"key":"e_1_3_2_1_4_1","volume-title":"Pythia: Grammar-based fuzzing of rest apis with coverage-guided feedback and learningbased mutations. arXiv preprint arXiv:2005.11498","author":"Atlidakis V.","year":"2020","unstructured":"Atlidakis, V., Geambasu, R., Godefroid, P., Polishchuk, M., and Ray, B. Pythia: Grammar-based fuzzing of rest apis with coverage-guided feedback and learningbased mutations. arXiv preprint arXiv:2005.11498 (2020)."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338906.3340456"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D19-1255"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978428"},{"key":"e_1_3_2_1_8_1","first-page":"1877","volume-title":"Advances in Neural Information Processing Systems","author":"Brown T.","year":"2020","unstructured":"Brown, T., Mann, B., Ryder, N., Subbiah, M., Kaplan, J. D., Dhariwal, P., Neelakantan, A., Shyam, P., et al. Language models are few-shot learners. In Advances in Neural Information Processing Systems (2020), pp. 1877--1901."},{"key":"e_1_3_2_1_9_1","volume-title":"Taking the next step: Oss-fuzz","author":"Chang O.","year":"2023","unstructured":"Chang, O. Taking the next step: Oss-fuzz in 2023. https:\/\/security.googleblog. com\/2023\/02\/taking-next-step-oss-fuzz-in-2023.html."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2017.8115674"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00046"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3319535.3363225"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3616610"},{"key":"e_1_3_2_1_14_1","unstructured":"Das S. Fine tune large language model (llm) on a custom dataset. https:\/\/dassum.medium.com\/fine-tune-large-language-model-llm-on-acustom-dataset-with-qlora-fb60abdeba07."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3623343"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597926.3598067"},{"key":"e_1_3_2_1_17_1","unstructured":"Dongge Liu J. M. and Chang O. Fuzz target generation using llms. https: \/\/google.github.io\/oss-fuzz\/research\/llms\/target_generation\/."},{"key":"e_1_3_2_1_18_1","unstructured":"Ferrer J. An introductory guide to fine-tuning llms. https:\/\/www.datacamp. com\/tutorial\/fine-tuning-large-language-models."},{"key":"e_1_3_2_1_19_1","unstructured":"Google. Google's bard. https:\/\/bard.google.com\/."},{"key":"e_1_3_2_1_20_1","unstructured":"Google. Honggfuzz. https:\/\/github.com\/google\/honggfuzz."},{"key":"e_1_3_2_1_21_1","unstructured":"Google. How to prepare the seed corpus for oss-fuzz. https:\/\/google.github.io\/ oss-fuzz\/getting-started\/new-project-guide\/#seed-corpus."},{"key":"e_1_3_2_1_22_1","unstructured":"Google. What makes a good fuzz target. https:\/\/github.com\/google\/fuzzing\/ blob\/master\/docs\/good-fuzz-target.md."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/3510003.3510228"},{"key":"e_1_3_2_1_24_1","first-page":"2271","volume-title":"29th USENIX Security Symposium (USENIX Security 20)","author":"Ispoglou K.","year":"2020","unstructured":"Ispoglou, K., Austin, D., Mohan, V., and Payer, M. FuzzGen: Automatic fuzzer generation. In 29th USENIX Security Symposium (USENIX Security 20) (2020), pp. 2271--2287."},{"key":"e_1_3_2_1_25_1","first-page":"746","volume-title":"2023 IEEE Symposium on Security and Privacy (SP)","author":"Jeong B.","year":"2022","unstructured":"Jeong, B., Jang, J., Yi, H., Moon, J., Kim, J., Jeon, I., Kim, T., Shim, W., and Hwang, Y. H. Utopia: Automatic generation of fuzz driver using unit tests. In 2023 IEEE Symposium on Security and Privacy (SP) (2022), IEEE Computer Society, pp. 746--762."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/3571730"},{"key":"e_1_3_2_1_27_1","first-page":"298","volume-title":"Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis (New York, NY, USA, 2018), ISSTA 2018, Association for Computing Machinery","author":"Jiang J.","unstructured":"Jiang, J., Xiong, Y., Zhang, H., Gao, Q., and Chen, X. Shaping program repair space with existing patches and similar code. In Proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis (New York, NY, USA, 2018), ISSTA 2018, Association for Computing Machinery, p. 298--309."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678813"},{"key":"e_1_3_2_1_29_1","volume-title":"Inferfix: End-to-end program repair with llms. arXiv preprint arXiv:2303.07263","author":"Jin M.","year":"2023","unstructured":"Jin, M., Shahriar, S., Tufano, M., Shi, X., Lu, S., Sundaresan, N., and Svyatkovskiy, A. Inferfix: End-to-end program repair with llms. arXiv preprint arXiv:2303.07263 (2023)."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24334"},{"key":"e_1_3_2_1_31_1","first-page":"8","article-title":"Active learning of discriminative subgraph patterns for api misuse detection","volume":"48","author":"Kang H. J.","year":"2021","unstructured":"Kang, H. J., and Lo, D. Active learning of discriminative subgraph patterns for api misuse detection. IEEE Transactions on Software Engineering 48, 8 (2021), 2761--2783.","journal-title":"IEEE Transactions on Software Engineering"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330552"},{"key":"e_1_3_2_1_33_1","volume-title":"Advances in Neural Information Processing Systems 35 (NIPS 2022)","author":"Kojima T.","year":"2022","unstructured":"Kojima, T., Gu, S. S., Reid, M., Matsuo, Y., and Iwasawa, Y. Large language models are zero-shot reasoners. In Advances in Neural Information Processing Systems 35 (NIPS 2022) (2022)."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00085"},{"key":"e_1_3_2_1_35_1","first-page":"9459","volume-title":"Advances in Neural Information Processing Systems","volume":"33","author":"Lewis P.","year":"2020","unstructured":"Lewis, P., Perez, E., Piktus, A., Petroni, F., Karpukhin, V., Goyal, N., K\u00fcttler, H., Lewis, M., Yih, W.-t., Rockt\u00e4schel, T., et al. Retrieval-augmented generation for knowledge-intensive nlp tasks. In Advances in Neural Information Processing Systems (2020), vol. 33, pp. 9459--9474."},{"key":"e_1_3_2_1_36_1","volume-title":"Is your code generated by chatgpt really correct? rigorous evaluation of large language models for code generation. arXiv preprint arXiv:2305.01210","author":"Liu J.","year":"2023","unstructured":"Liu, J., Xia, C. S., Wang, Y., and Zhang, L. Is your code generated by chatgpt really correct? rigorous evaluation of large language models for code generation. arXiv preprint arXiv:2305.01210 (2023)."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2019.8667970"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00011"},{"key":"e_1_3_2_1_39_1","unstructured":"LLVM. Fuzzeddataprovider. https:\/\/github.com\/llvm\/llvm-project\/blob\/main\/ compiler-rt\/include\/fuzzer\/FuzzedDataProvider.h."},{"key":"e_1_3_2_1_40_1","unstructured":"LLVM. libfuzzer -- a library for coverage-guided fuzz testing. https:\/\/llvm.org\/ docs\/LibFuzzer.html."},{"key":"e_1_3_2_1_41_1","unstructured":"LLVM. Undefinedbehaviorsanitizer. https:\/\/clang.llvm.org\/docs\/ UndefinedBehaviorSanitizer.html."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3423360"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833613"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-88323-2_7"},{"key":"e_1_3_2_1_45_1","volume-title":"Automated change rule inference for distance-based api misuse detection. arXiv preprint arXiv:2207.06665","author":"Nielebock S.","year":"2022","unstructured":"Nielebock, S., Blockhaus, P., Kr\u00fcger, J., and Ortmeier, F. Automated change rule inference for distance-based api misuse detection. arXiv preprint arXiv:2207.06665 (2022)."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3377816.3381735"},{"key":"e_1_3_2_1_47_1","unstructured":"OPENAI. How to use chat-based language models. https:\/\/platform.openai.com\/ docs\/guides\/chat\/introduction."},{"key":"e_1_3_2_1_48_1","unstructured":"OPENAI. Introducing chatgpt. https:\/\/openai.com\/blog\/chatgpt."},{"key":"e_1_3_2_1_49_1","volume-title":"Gpt-4 technical report. arXiv preprint arXiv:2303.08774","author":"Open AI.","year":"2023","unstructured":"OpenAI. Gpt-4 technical report. arXiv preprint arXiv:2303.08774 (2023)."},{"key":"e_1_3_2_1_50_1","first-page":"27730","volume-title":"Advances in Neural Information Processing Systems","author":"Ouyang L.","year":"2022","unstructured":"Ouyang, L.,Wu, J., Jiang, X., Almeida, D.,Wainwright, C., Mishkin, P., Zhang, C., Agarwal, S., et al. Training language models to follow instructions with human feedback. In Advances in Neural Information Processing Systems (2022), pp. 27730--27744."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833571"},{"key":"e_1_3_2_1_52_1","volume-title":"Check your facts and try again: Improving large language models with external knowledge and automated feedback. arXiv preprint arXiv:2302.12813","author":"Peng B.","year":"2023","unstructured":"Peng, B., Galley, M., He, P., Cheng, H., Xie, Y., Hu, Y., Huang, Q., Liden, L., Yu, Z., Chen, W., and Gao, J. Check your facts and try again: Improving large language models with external knowledge and automated feedback. arXiv preprint arXiv:2302.12813 (2023)."},{"key":"e_1_3_2_1_53_1","volume-title":"Language models are unsupervised multitask learners. OpenAI blog 1, 8","author":"Radford A.","year":"2019","unstructured":"Radford, A., Wu, J., Child, R., Luan, D., Amodei, D., Sutskever, I., et al. Language models are unsupervised multitask learners. OpenAI blog 1, 8 (2019), 9."},{"key":"e_1_3_2_1_54_1","volume-title":"32th USENIX Security Symposium (USENIX Security 23)","author":"Sandoval G.","year":"2023","unstructured":"Sandoval, G., Pearce, H., Nys, T., Karri, R., Garg, S., and Dolan-Gavitt, B. Lost at c: A user study on the security implications of large language model code assistants. In 32th USENIX Security Symposium (USENIX Security 23) (2023)."},{"key":"e_1_3_2_1_55_1","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium (technical sessions)","author":"Serebryany K.","year":"2017","unstructured":"Serebryany, K. OSS-Fuzz-google's continuous fuzzing service for open source software. In Proceedings of the 26th USENIX Conference on Security Symposium (technical sessions) (2017), USENIX Association."},{"key":"e_1_3_2_1_56_1","first-page":"28","volume-title":"Proceedings of the 2012 USENIX Conference on Annual Technical Conference (2012), USENIX ATC'12, USENIX Association","author":"Serebryany K.","unstructured":"Serebryany, K., Bruening, D., Potapenko, A., and Vyukov, D. Addresssanitizer: A fast address sanity checker. In Proceedings of the 2012 USENIX Conference on Annual Technical Conference (2012), USENIX ATC'12, USENIX Association, p. 28."},{"key":"e_1_3_2_1_57_1","volume-title":"Large-scale knowledge enhanced pre-training for language understanding and generation. arXiv preprint arXiv:2107.02137","author":"Sun Y.","year":"2021","unstructured":"Sun, Y., Wang, S., Feng, S., et al. Ernie 3.0: Large-scale knowledge enhanced pre-training for language understanding and generation. arXiv preprint arXiv:2107.02137 (2021)."},{"key":"e_1_3_2_1_58_1","unstructured":"Tolnay D. Clang ast deserializer in rust. https:\/\/github.com\/dtolnay\/clang-ast."},{"key":"e_1_3_2_1_59_1","volume-title":"Llama 2: Open foundation and fine-tuned chat models. arXiv preprint arXiv:2307.09288","author":"Touvron H.","year":"2023","unstructured":"Touvron, H., Martin, L., Stone, K., et al. Llama 2: Open foundation and fine-tuned chat models. arXiv preprint arXiv:2307.09288 (2023)."},{"key":"e_1_3_2_1_60_1","volume-title":"Proceedings of the 32nd USENIX Conference on Security Symposium","author":"Wang D.","year":"2023","unstructured":"Wang, D., Li, Y., Zhang, Z., and Chen, K. Carpetfuzz: Automatic program option constraint extraction from documentation for fuzzing. In Proceedings of the 32nd USENIX Conference on Security Symposium (Anaheim, CA, USA, 2023), USENIX Association."},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00081"},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2019.00093"},{"key":"e_1_3_2_1_63_1","volume-title":"Universal fuzzing via large language models. arXiv preprint arXiv:2308.04748","author":"Xia C. S.","year":"2023","unstructured":"Xia, C. S., Paltenghi, M., Tian, J. L., Pradel, M., and Zhang, L. Universal fuzzing via large language models. arXiv preprint arXiv:2308.04748 (2023)."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE48619.2023.00129"},{"key":"e_1_3_2_1_65_1","volume-title":"Conversational automated program repair. arXiv preprint arXiv:2301.13246","author":"Xia C. S.","year":"2023","unstructured":"Xia, C. S., and Zhang, L. Conversational automated program repair. arXiv preprint arXiv:2301.13246 (2023)."},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1109\/QRS57517.2022.00100"},{"key":"e_1_3_2_1_67_1","unstructured":"Yunlong Lyu Yuxuan Xie P. C. and Chen H. Promptfuzz. https:\/\/github. com\/PromptFuzz\/PromptFuzz."},{"key":"e_1_3_2_1_68_1","unstructured":"Zalewski M. American fuzzy lop. http:\/\/lcamtuf.coredump.cx\/afl\/."},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/APSEC53868.2021.00024"},{"key":"e_1_3_2_1_70_1","volume-title":"Understanding large language model based fuzz driver generation. arXiv preprint arXiv:2307.12469","author":"Zhang C.","year":"2023","unstructured":"Zhang, C., Bai, M., Zheng, Y., Li, Y., Xie, X., Li, Y., Ma, W., Sun, L., and Liu, Y. Understanding large language model based fuzz driver generation. arXiv preprint arXiv:2307.12469 (2023)."},{"key":"e_1_3_2_1_71_1","first-page":"2811","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Zhang C.","year":"2021","unstructured":"Zhang, C., Lin, X., Li, Y., Xue, Y., Xie, J., Chen, H., Ying, X.,Wang, J., and Liu, Y. APICraft: Fuzz driver generation for closed-source SDK libraries. In 30th USENIX Security Symposium (USENIX Security 21) (2021), pp. 2811--2828."},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE-SEIP52600.2021.00041"},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2023.findings-acl.678"}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3670396","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3670396","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T06:07:17Z","timestamp":1755842837000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3670396"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":73,"alternative-id":["10.1145\/3658644.3670396","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3670396","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}