{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,30]],"date-time":"2025-07-30T13:35:48Z","timestamp":1753882548888,"version":"3.41.2"},"reference-count":36,"publisher":"Wiley","issue":"1","license":[{"start":{"date-parts":[[2024,12,11]],"date-time":"2024-12-11T00:00:00Z","timestamp":1733875200000},"content-version":"vor","delay-in-days":345,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["U1833107"],"award-info":[{"award-number":["U1833107"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005145","name":"Basic Research Program of Jiangsu Province","doi-asserted-by":"publisher","award":["BK20230558"],"award-info":[{"award-number":["BK20230558"]}],"id":[{"id":"10.13039\/501100005145","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100002881","name":"Civil Aviation University of China","doi-asserted-by":"publisher","award":["MHFLW202304"],"award-info":[{"award-number":["MHFLW202304"]}],"id":[{"id":"10.13039\/501100002881","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["International Journal of Intelligent Systems"],"published-print":{"date-parts":[[2024,1]]},"abstract":"<jats:p>In response to the limitations of traditional fuzzing approaches that rely on static mutators and fail to dynamically adjust their test case mutations for deeper testing, resulting in the inability to generate targeted inputs to trigger vulnerabilities, this paper proposes a directed fuzzing methodology termed DocFuzz, which is predicated on a feedback mechanism mutator. Initially, a sanitizer is used to target the source code of the tested program and stake in code blocks that may have vulnerabilities. After this, a taint tracking module is used to associate the target code block with the bytes in the test case, forming a high\u2010value byte set. Then, the reinforcement learning mutator of DocFuzz is used to mutate the high\u2010value byte set, generating well\u2010structured inputs that can cover the target code blocks. Finally, utilizing the feedback mechanism of DocFuzz, when the reinforcement learning mutator converges and ceases to optimize, the fuzzer is rebooted to continue mutating toward directions that are more likely to trigger vulnerabilities. Comparative experiments are conducted on multiple test sets, including LAVA\u2010M, and the experimental results demonstrate that the proposed DocFuzz methodology surpasses other fuzzing techniques, offering a more precise, rapid, and effective means of detecting vulnerabilities in source code.<\/jats:p>","DOI":"10.1155\/int\/7931792","type":"journal-article","created":{"date-parts":[[2024,12,11]],"date-time":"2024-12-11T22:49:43Z","timestamp":1733957383000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["DocFuzz: A Directed Fuzzing Method Based on a Feedback Mechanism Mutator"],"prefix":"10.1155","volume":"2024","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-7713-9348","authenticated-orcid":false,"given":"Lixia","family":"Xie","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-5869-6517","authenticated-orcid":false,"given":"Yuheng","family":"Zhao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6955-2503","authenticated-orcid":false,"given":"Hongyu","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-8839-8718","authenticated-orcid":false,"given":"Ziwen","family":"Zhao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7156-256X","authenticated-orcid":false,"given":"Ze","family":"Hu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1966-0864","authenticated-orcid":false,"given":"Liang","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8432-2426","authenticated-orcid":false,"given":"Xiang","family":"Cheng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","published-online":{"date-parts":[[2024,12,11]]},"reference":[{"key":"e_1_2_14_1_2","doi-asserted-by":"crossref","unstructured":"ChenJ. ChenJ. GuoD. andToweyD. An Improved Fuzzing Approach Based on Adaptive Random Testing Proceedings of 2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW 2020) October 2020 103\u2013108 https:\/\/doi.org\/10.1109\/issrew51248.2020.00045.","DOI":"10.1109\/ISSREW51248.2020.00045"},{"key":"e_1_2_14_2_2","doi-asserted-by":"publisher","DOI":"10.1145\/3648468"},{"key":"e_1_2_14_3_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-023-09306-2"},{"key":"e_1_2_14_4_2","doi-asserted-by":"publisher","DOI":"10.1145\/3623375"},{"key":"e_1_2_14_5_2","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/1176898"},{"key":"e_1_2_14_6_2","doi-asserted-by":"publisher","DOI":"10.1145\/3512345"},{"key":"e_1_2_14_7_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2022.3233875"},{"key":"e_1_2_14_8_2","doi-asserted-by":"publisher","DOI":"10.1109\/ms.2020.3016773"},{"key":"e_1_2_14_9_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102813"},{"volume-title":"American Fuzz Lop","year":"2024","author":"Zalewski M.","key":"e_1_2_14_10_2"},{"key":"e_1_2_14_11_2","doi-asserted-by":"crossref","unstructured":"B\u00f6hmeM. PhamV. andRoychoudhuryA. Coverage-Based Greybox Fuzzing as Markov Chain Proceedings of 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201916) October 2016 1032\u20131043.","DOI":"10.1145\/2976749.2978428"},{"key":"e_1_2_14_12_2","doi-asserted-by":"crossref","unstructured":"RawatS. JainV. KumarA. CojocarL. GiuffridaC. andBosH. VUzzer: Application-Aware Evolutionary Fuzzing Proceedings of 24th Annual Network and Distributed System Security Symposium (NDSS 2017) February 2017 1\u201314.","DOI":"10.14722\/ndss.2017.23404"},{"key":"e_1_2_14_13_2","doi-asserted-by":"crossref","unstructured":"ChenP.andChenH. Angora: Efficient Fuzzing by Principled Search Proceedings of 2018 IEEE Symposium on Security and Privacy (SP 2018) May 2018 711\u2013725 https:\/\/doi.org\/10.1109\/sp.2018.00046 2-s2.0-85051047360.","DOI":"10.1109\/SP.2018.00046"},{"key":"e_1_2_14_14_2","doi-asserted-by":"crossref","unstructured":"LuoC. MengW. andLiP. SelectFuzz: Efficient Directed Fuzzing with Selective Path Exploration Proceedings of 2023 IEEE Symposium on Security and Privacy (SP 2023) May 2023 2693\u20132707 https:\/\/doi.org\/10.1109\/sp46215.2023.10179296.","DOI":"10.1109\/SP46215.2023.10179296"},{"key":"e_1_2_14_15_2","doi-asserted-by":"crossref","unstructured":"LiY. ChenB. ChandramohanM. LinS. LiuY. andTiuA. Steelix: Program-State Based Binary Fuzzing Proceedings of 11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC\/FSE 2017) September 2017 627\u2013637 https:\/\/doi.org\/10.1145\/3106237.3106295 2-s2.0-85030775618.","DOI":"10.1145\/3106237.3106295"},{"key":"e_1_2_14_16_2","doi-asserted-by":"crossref","unstructured":"BernhardL. ScharnowskiT. SchloegelM. BlazytkoT. andHolzT. JIT-picking: Differential Fuzzing of JavaScript Engines Proceedings of 2022 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201922) November 2022 351\u2013364.","DOI":"10.1145\/3548606.3560624"},{"key":"e_1_2_14_17_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-021-10108-x"},{"key":"e_1_2_14_18_2","unstructured":"LyuC. JiS. ZhangC.et al. MOPT: Optimized Mutation Scheduling for Fuzzers Proceedings of 28th USENIX Security Symposium (USENIX Security 2019) August 2019 1949\u20131966."},{"key":"e_1_2_14_19_2","doi-asserted-by":"crossref","unstructured":"ZhuX.andB\u00f6hmeM. Regression Greybox Fuzzing Proceedings of 2021 ACM SIGSAC Conference on Computer and Communications Security (CCS\u201921) November 2021 2169\u20132182 https:\/\/doi.org\/10.1145\/3460120.3484596.","DOI":"10.1145\/3460120.3484596"},{"key":"e_1_2_14_20_2","doi-asserted-by":"crossref","unstructured":"PaduraruC. PaduraruM. andStefanescuA. RiverFuzzRL-an Open-Source Tool to Experiment with Reinforcement Learning for Fuzzing Proceedings of 14th IEEE Conference on Software Testing Verification and Validation (ICST 2021) April 2021 430\u2013435.","DOI":"10.1109\/ICST49551.2021.00055"},{"key":"e_1_2_14_21_2","doi-asserted-by":"crossref","unstructured":"JhaP. ScottJ. GaneshnaJ. S. SinghM. andGaneshV. BertRLFuzzer: A BERT and Reinforcement Learning Based Fuzzer (Student Abstract) 38 Proceedings of the AAAI Conference on Artificial Intelligence April 2024 no. 21 23521\u201323522 https:\/\/doi.org\/10.1609\/aaai.v38i21.30455.","DOI":"10.1609\/aaai.v38i21.30455"},{"key":"e_1_2_14_22_2","doi-asserted-by":"publisher","DOI":"10.1109\/tr.2018.2834476"},{"key":"e_1_2_14_23_2","doi-asserted-by":"publisher","DOI":"10.1002\/stvr.1869"},{"key":"e_1_2_14_24_2","doi-asserted-by":"crossref","unstructured":"AschermannC. SchumiloS. BlazytkoT. GawlikR. andHolzT. REDQUEEN: Fuzzing with Input-To-State Correspondence Proceedings of 26th Annual Network and Distributed System Security Symposium (NDSS 2019) February 2019 1\u201315.","DOI":"10.14722\/ndss.2019.23371"},{"key":"e_1_2_14_25_2","doi-asserted-by":"crossref","unstructured":"SongD. LettnerJ. RajasekaranP.et al. SoK: Sanitizing for Security Proceedings of 2019 IEEE Symposium on Security and Privacy (SP 2019) May 2019 1275\u20131295 https:\/\/doi.org\/10.1109\/sp.2019.00010 2-s2.0-85053860168.","DOI":"10.1109\/SP.2019.00010"},{"key":"e_1_2_14_26_2","unstructured":"PotapenkoA. Sanitizers. GitHub. Last Modified on 23 August 2024 https:\/\/github.com\/google\/sanitizers."},{"key":"e_1_2_14_27_2","unstructured":"SerebryanyK. BrueningD. PotapenkoA. andVyukovD. Addresssanitizer: A Fast Address Sanity Checker Proceedings of 2012 USENIX Annual Technical Conference (USENIX ATC 2012) June 2012 309\u2013318."},{"key":"e_1_2_14_28_2","doi-asserted-by":"crossref","unstructured":"GaneshV. LeekT. andRinardM. Taint-based Directed Whitebox Fuzzing Proceedings of 31st IEEE International Conference on Software Engineering May 2009 474\u2013484 https:\/\/doi.org\/10.1109\/icse.2009.5070546 2-s2.0-77949898398.","DOI":"10.1109\/ICSE.2009.5070546"},{"key":"e_1_2_14_29_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.rser.2021.111833"},{"key":"e_1_2_14_30_2","doi-asserted-by":"publisher","DOI":"10.1088\/2631-8695\/ad4255"},{"key":"e_1_2_14_31_2","doi-asserted-by":"crossref","unstructured":"B\u00f6ttingerK. GodefroidP. andSinghR. Deep Reinforcement Fuzzing Proceedings of 2018 IEEE Security and Privacy Workshops (SPW 2018) May 2018 116\u2013122 https:\/\/doi.org\/10.1109\/spw.2018.00026 2-s2.0-85052244172.","DOI":"10.1109\/SPW.2018.00026"},{"key":"e_1_2_14_32_2","doi-asserted-by":"publisher","DOI":"10.1561\/2200000086"},{"key":"e_1_2_14_33_2","doi-asserted-by":"publisher","DOI":"10.1145\/3603703"},{"key":"e_1_2_14_34_2","doi-asserted-by":"crossref","unstructured":"Dolan-GavittB. HulinP. KirdaE.et al. LAVA: Large-Scale Automated Vulnerability Addition Proceedings of 2016 IEEE Symposium on Security and Privacy (SP 2016) May 2016 110\u2013121.","DOI":"10.1109\/SP.2016.15"},{"key":"e_1_2_14_35_2","doi-asserted-by":"publisher","DOI":"10.1109\/msp.2016.14"},{"key":"e_1_2_14_36_2","unstructured":"ArnoldN. The Patroit Missile Failure. CSE. Last Modified on 23 August 2000 2024 https:\/\/www.ima.umn.edu\/%7Earnold\/disasters\/patriot.html."}],"container-title":["International Journal of Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/int\/7931792","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,11]],"date-time":"2024-12-11T22:49:53Z","timestamp":1733957393000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1155\/int\/7931792"}},"subtitle":[],"editor":[{"given":"Yu-an","family":"Tan","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2024,1]]},"references-count":36,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1]]}},"alternative-id":["10.1155\/int\/7931792"],"URL":"https:\/\/doi.org\/10.1155\/int\/7931792","archive":["Portico"],"relation":{},"ISSN":["0884-8173","1098-111X"],"issn-type":[{"type":"print","value":"0884-8173"},{"type":"electronic","value":"1098-111X"}],"subject":[],"published":{"date-parts":[[2024,1]]},"assertion":[{"value":"2024-03-03","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-11-01","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-12-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"7931792"}}