{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,9]],"date-time":"2026-03-09T17:59:58Z","timestamp":1773079198818,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":54,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Key Research Program of Frontier Sciences, CAS","award":["ZDBS-LY-7006"],"award-info":[{"award-number":["ZDBS-LY-7006"]}]},{"DOI":"10.13039\/501100006374","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62372437, 62232016, 62302508, 62302506"],"award-info":[{"award-number":["62372437, 62232016, 62302508, 62302506"]}],"id":[{"id":"10.13039\/501100006374","id-type":"DOI","asserted-by":"publisher"}]},{"name":"Youth Innovation Promotion Association of the Chinese Academy of Sciences (YICAS)","award":["Y2021041"],"award-info":[{"award-number":["Y2021041"]}]},{"name":"Research Project of Institute of Software Chinese Academy of Sciences","award":["ISCAS-JCZD-202301, ISCAS-ZD-202402"],"award-info":[{"award-number":["ISCAS-JCZD-202301, ISCAS-ZD-202402"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3690228","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"705-719","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["OSmart: Whitebox Program Option Fuzzing"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-3617-3913","authenticated-orcid":false,"given":"Kelin","family":"Wang","sequence":"first","affiliation":[{"name":"TCA, Institute of Software, Chinese Academy of Sciences &amp; Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-2554-662X","authenticated-orcid":false,"given":"Mengda","family":"Chen","sequence":"additional","affiliation":[{"name":"TCA, Institute of Software, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6627-4691","authenticated-orcid":false,"given":"Liang","family":"He","sequence":"additional","affiliation":[{"name":"TCA, Institute of Software, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6701-0383","authenticated-orcid":false,"given":"Purui","family":"Su","sequence":"additional","affiliation":[{"name":"TCA, Institute of Software, Chinese Academy of Sciences &amp; Key Laboratory of System Software (Chinese Academy of Sciences) and State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4768-0272","authenticated-orcid":false,"given":"Yan","family":"Cai","sequence":"additional","affiliation":[{"name":"Key Laboratory of System Software (Chinese Academy of Sciences) and State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, Beijing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0776-4073","authenticated-orcid":false,"given":"Jiongyi","family":"Chen","sequence":"additional","affiliation":[{"name":"College of Electronic Science and Technology, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3059-5044","authenticated-orcid":false,"given":"Bin","family":"Zhang","sequence":"additional","affiliation":[{"name":"College of Electronic Science and Technology, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0884-5457","authenticated-orcid":false,"given":"Chao","family":"Feng","sequence":"additional","affiliation":[{"name":"College of Electronic Science and Technology, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9025-2791","authenticated-orcid":false,"given":"Chaojing","family":"Tang","sequence":"additional","affiliation":[{"name":"College of Electronic Science and Technology, National University of Defense Technology, Changsha, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"AFLplusplus\/AFLplusplus. 2024. AFLplusplus. https:\/\/github.com\/AFLplusplus\/AFLplusplus."},{"key":"e_1_3_2_1_2_1","unstructured":"AFLplusplus\/AFLplusplus. 2024. AFLplusplus-argvfuzz. https:\/\/github.com\/AFLplusplus\/AFLplusplus\/tree\/stable\/utils\/argv_fuzzing."},{"key":"e_1_3_2_1_3_1","unstructured":"american fuzzy lop (2.52b). 2024. American Fuzzy Lop. http:\/\/lcamtuf.coredump.cx\/afl\/."},{"key":"e_1_3_2_1_4_1","unstructured":"angr. 2015. angr. https:\/\/angr.io."},{"key":"e_1_3_2_1_5_1","unstructured":"Marko A.Rodriguez and Peter Neubauer. 2011. The Graph Traversal Pattern. In Graph Data Management: Techniques and Applications."},{"key":"e_1_3_2_1_6_1","volume-title":"REDQUEEN: Fuzzing with Input-to-State Correspondence. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019","author":"Aschermann Cornelius","year":"2019","unstructured":"Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, and Thorsten Holz. 2019. REDQUEEN: Fuzzing with Input-to-State Correspondence. In 26th Annual Network and Distributed System Security Symposium, NDSS 2019, San Diego, California, USA, February 24--27, 2019. The Internet Society. https:\/\/www.ndss-symposium.org\/ndss-paper\/redqueen-fuzzing-with-input-to-state-correspondence\/"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2017.14"},{"key":"e_1_3_2_1_8_1","unstructured":"bjascob\/LemmInflect. 2022. Lemminflect. https:\/\/github.com\/bjascob\/LemmInflect."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation.","author":"Cadar Cristian","year":"2008","unstructured":"Cristian Cadar, Daniel Dunbar, and Dawson Engler. 2008. KLEE: Unassisted And Automatic Generation Of High-coverage Tests for Complex Systems Programs. In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2408776.2408795"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00046"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950396"},{"key":"e_1_3_2_1_13_1","unstructured":"Wikipedia Contributors. 2024. getopt. https:\/\/en.wikipedia.org\/wiki\/Getopt."},{"key":"e_1_3_2_1_14_1","unstructured":"LLVM Developers. 2024. The LLVM Compiler Infrastructure. https:\/\/www.llvm.org."},{"key":"e_1_3_2_1_15_1","first-page":"3404","article-title":"Vulnerability mining method based on code property graph and attention BiLSTM","volume":"31","author":"Duan Xu","year":"2020","unstructured":"Xu Duan, Jingzhen Wu, tianyue Wu, Mutian Yang, and Yanjun Wu. 2020. Vulnerability mining method based on code property graph and attention BiLSTM. Journal of Software, Vol. 31, 11 (2020), 3404--3420.","journal-title":"Journal of Software"},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings IEEE Symposium on Security and Privacy.","author":"Fabian Yamaguchi","year":"2014","unstructured":"Yamaguchi Fabian, Golde Nico, Arp Daniel, and Rieck Konrad. 2014. Modeling and Discovering Vulnerabilities with Code Property Graph.. In Proceedings IEEE Symposium on Security and Privacy."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/24039.24041"},{"key":"e_1_3_2_1_18_1","unstructured":"AI2 Allen Institute for AI. 2024. AllenNLP. https:\/\/allenai.org\/allennlp."},{"key":"e_1_3_2_1_19_1","unstructured":"gnu c library. 2024. getopt_long. https:\/\/www.gnu.org\/software\/libc\/manual\/html_node\/Getopt-Long-Options.html."},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation.","author":"Godefroid Patrice","unstructured":"Patrice Godefroid, Adam Kiezun, and Michael Y.Levin. 2008. Grammar-based Whitebox Fuzzing.. In Proceedings of the ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation."},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium.","author":"Godefroid Patrice","year":"2008","unstructured":"Patrice Godefroid, Michael Y.Levin, and David Molnar. 2008. Automated Whitebox Fuzz Testing.. In Proceedings of the Network and Distributed System Security Symposium."},{"key":"e_1_3_2_1_22_1","unstructured":"google\/AFL. 2024. AFL-argvfuzz. https:\/\/github.com\/google\/AFL\/tree\/master\/experimental\/argv_fuzzing."},{"key":"e_1_3_2_1_23_1","unstructured":"google\/syzkaller. 2024. Syzkaller. https:\/\/github.com\/google\/syzkaller\/."},{"key":"e_1_3_2_1_24_1","unstructured":"Graphviz. 2022. DOT Language."},{"key":"e_1_3_2_1_25_1","unstructured":"Joern. 2023. JOERN-The Bug Hunter's Workbench. https:\/\/joern.io."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/368996.369025"},{"key":"e_1_3_2_1_27_1","volume-title":"Deep learning. nature","author":"LeCun Yann","year":"2015","unstructured":"Yann LeCun, Yoshua Bengio, and Geoffrey Hinton. 2015. Deep learning. nature, Vol. 521, 7553 (2015), 436--444."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST53961.2022.00032"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/3597503.3623315"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Li Song","year":"2022","unstructured":"Song Li, Mingqing Kang, Jianwei Hou, and Yinzhi Cao. 2022. Mining node. js vulnerabilities via object dependence graph and query. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_31_1","unstructured":"libjpeg-turbo\/libjpeg turbo. 2022. Libjpeg-turbo. https:\/\/github.com\/libjpeg-turbo\/libjpeg-turbo\/issues\/621."},{"key":"e_1_3_2_1_32_1","volume-title":"Proceedings of the 26th ACM Conference on Computer and Communications Security.","author":"Lu Kangjie","year":"2019","unstructured":"Kangjie Lu and Hong Hu. 2019. Where Does It Go? Refining Indirect-Call Targets with Multi-Layer Type Analysis.. In Proceedings of the 26th ACM Conference on Computer and Communications Security."},{"key":"e_1_3_2_1_33_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Lyu Chenyang","year":"2019","unstructured":"Chenyang Lyu, Shouling Ji, Chao Zhang, Yuwei Li, Wei-Han Lee, Yu Song, and Raheem Beyah. 2019. MOPT: Optimized mutation scheduling for fuzzers. In 28th USENIX Security Symposium (USENIX Security 19). 1949--1966."},{"key":"e_1_3_2_1_34_1","unstructured":"malteskoruppa\/phpjoern. 2024. Parser utility to generate asts from php source code suitable to be processed by joern. https:\/\/github.com\/malteskoruppa\/phpjoern."},{"key":"e_1_3_2_1_35_1","unstructured":"netwide assembler\/nasm. 2024. nasm. https:\/\/github.com\/netwide-assembler\/nasm."},{"key":"e_1_3_2_1_36_1","unstructured":"NLTK. 2024. Natural Language Toolkit. https:\/\/www.nltk.org\/index.html."},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2018.00056"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"e_1_3_2_1_39_1","volume-title":"29th USENIX Security Symposium, USENIX Security 2020","author":"Poeplau Sebastian","year":"2020","unstructured":"Sebastian Poeplau and Aur\u00e9lien Francillon. 2020. Symbolic execution with SymCC: Don't interpret, compile!. In 29th USENIX Security Symposium, USENIX Security 2020, August 12--14, 2020, Srdjan Capkun and Franziska Roesner (Eds.). USENIX Association, 181--198. https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/poeplau"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2021.24118"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"crossref","unstructured":"Sanjay Rawat Vivek Jain Ashish Kumar Lucian Cojocar Cristiano Giuffrida and Herbert Bos. 2017. VUzzer: Application-aware Evolutionary Fuzzing.. In NDSS.","DOI":"10.14722\/ndss.2017.23404"},{"key":"e_1_3_2_1_42_1","volume-title":"23rd USENIX Security Symposium. 861--875","author":"Rebert Alexandre","year":"2014","unstructured":"Alexandre Rebert, Sang Kil Cha, Thanassis Avgerinos, Jonathan Foote, David Warren, Gustavo Grieco, and David Brumley. 2014. Optimizing seed selection for fuzzing. In 23rd USENIX Security Symposium. 861--875."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2010.26"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2023.24610"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1145\/3368089.3409769"},{"key":"e_1_3_2_1_46_1","volume-title":"Driller: Augmenting Fuzzing Through Selective Symbolic Execution. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016","author":"Stephens Nick","year":"2016","unstructured":"Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting Fuzzing Through Selective Symbolic Execution. In 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21--24, 2016. The Internet Society. http:\/\/wp.internetsociety.org\/ndss\/wp-content\/uploads\/sites\/25\/2017\/09\/driller-augmenting-fuzzing-through-selective-symbolic-execution.pdf"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/2892208.2892235"},{"key":"e_1_3_2_1_48_1","volume-title":"\u0141 ukasz Kaiser, and Illia Polosukhin","author":"Vaswani Ashish","year":"2017","unstructured":"Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones, Aidan N Gomez, \u0141 ukasz Kaiser, and Illia Polosukhin. 2017. Attention is All you Need. In Advances in Neural Information Processing Systems, I. Guyon, U. Von Luxburg, S. Bengio, H. Wallach, R. Fergus, S. Vishwanathan, and R. Garnett (Eds.), Vol. 30. Curran Associates, Inc. https:\/\/proceedings.neurips.cc\/paper_files\/paper\/2017\/file\/3f5ee243547dee91fbd053c1c4a845aa-Paper.pdf"},{"key":"e_1_3_2_1_49_1","volume-title":"Proceedings of the USENIX Security Symposium.","author":"Wang Dawei","year":"2023","unstructured":"Dawei Wang, Ying Li, Zhiyu Zhang, and Kai Chen. 2023. CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing. In Proceedings of the USENIX Security Symposium."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICAIT.2018.8686548"},{"key":"e_1_3_2_1_51_1","volume-title":"Proceedings of the 27th USENIX Security Symposium.","author":"Yun Insu","year":"2018","unstructured":"Insu Yun, Sangho Lee, Meng Xu, Yeongjin Jang, and Taesoo Kim. 2018. QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing. In Proceedings of the 27th USENIX Security Symposium."},{"key":"e_1_3_2_1_52_1","volume-title":"Registered Report: Fuzzing Configurations of Program Options. In International Fuzzing Workshop (FUZZING).","author":"Zhang Zenong","year":"2022","unstructured":"Zenong Zhang, George Klees, Eric Wang, Michael Hicks, and Shiyi Wei. 2022. Registered Report: Fuzzing Configurations of Program Options. In International Fuzzing Workshop (FUZZING)."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/3580597"},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/P16-2034"}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690228","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690228","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T06:08:49Z","timestamp":1755842929000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690228"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":54,"alternative-id":["10.1145\/3658644.3690228","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3690228","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}