{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T01:41:26Z","timestamp":1760146886000,"version":"build-2065373602"},"reference-count":40,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2024,12,14]],"date-time":"2024-12-14T00:00:00Z","timestamp":1734134400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Software"],"abstract":"<jats:p>Software testing is an important step in the software development life cycle to ensure the quality and security of software. Fuzzing is a security testing technique that finds vulnerabilities automatically without accessing the source code. We built a fuzzer, called JIMA-Fuzzing, which is an effective fuzzing tool that utilizes grammar detected from sample input. Based on the detected grammar, JIMA-Fuzzing selects a portion of the valid user input and fuzzes that portion. For example, the tool may greatly increase the size of the input, truncate the input, replace numeric values with new values, replace words with numbers, etc. This paper discusses how JIMA-Fuzzing works and shows the evaluation results after testing against the DARPA Cyber Grand Challenge (CGC) dataset. JIMA-Fuzzing is capable of extracting grammar from sample input files, meaning that it does not require access to the source code to generate effective fuzzing files. This feature allows it to work with proprietary or non-open-source programs and significantly reduces the effort needed from human testers. In addition, compared to fuzzing tools guided with symbolic execution or taint analysis, JIMA-Fuzzing takes much less computing power and time to analyze sample input and generate fuzzing files. However, the limitation is that JIMA-Fuzzing relies on good sample inputs and works primarily on programs that require user interaction\/input.<\/jats:p>","DOI":"10.3390\/software3040028","type":"journal-article","created":{"date-parts":[[2024,12,17]],"date-time":"2024-12-17T06:26:12Z","timestamp":1734416772000},"page":"569-586","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A Fuzzing Tool Based on Automated Grammar Detection"],"prefix":"10.3390","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0009-0009-6954-6822","authenticated-orcid":false,"given":"Jia","family":"Song","sequence":"first","affiliation":[{"name":"Center for Secure and Dependable Systems, University of Idaho, Moscow, ID 83844, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5125-1470","authenticated-orcid":false,"given":"Jim","family":"Alves-Foss","sequence":"additional","affiliation":[{"name":"Center for Secure and Dependable Systems, University of Idaho, Moscow, ID 83844, USA"}]}],"member":"1968","published-online":{"date-parts":[[2024,12,14]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1145\/96267.96279","article-title":"An Empirical Study of the Reliability of UNIX Utilities","volume":"33","author":"Miller","year":"1990","journal-title":"Commun. ACM"},{"key":"ref_2","unstructured":"Sutton, M., Greene, A., and Amini, P. (2007). Fuzzing: Brute Force Vulnerability Discovery, Addison-Wesley Professional."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"58","DOI":"10.1109\/MSP.2005.55","article-title":"Violating Assumptions with Fuzzing","volume":"3","author":"Oehlert","year":"2005","journal-title":"IEEE Secur. Priv."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"72","DOI":"10.1109\/MSP.2015.132","article-title":"The DARPA Cyber Grand Challenge: A Competitor\u2019s Perspective","volume":"13","author":"Song","year":"2015","journal-title":"IEEE Secur. Priv."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"76","DOI":"10.1109\/MSP.2016.14","article-title":"The DARPA Cyber Grand Challenge: A Competitor\u2019s Perspective, Part 2","volume":"14","author":"Song","year":"2016","journal-title":"IEEE Secur. Priv."},{"key":"ref_6","unstructured":"Google (2024, June 01). libFuzzer. Available online: https:\/\/llvm.org\/docs\/LibFuzzer.html."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Deng, Y., Xia, C., Yang, C., Zhang, S., Yang, S., and Zhang, L. (2024, January 14\u201320). Large Language Models are Edge-Case Generators: Crafting Unusual Programs for Fuzzing Deep Learning Libraries. Proceedings of the 2024 IEEE\/ACM 46th International Conference on Software Engineering (ICSE), Los Alamitos, CA, USA.","DOI":"10.1145\/3597503.3623343"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Eisele, M., Ebert, D., Huth, C., and Zeller, A. (2023, January 17\u201321). Fuzzing Embedded Systems using Debug Interfaces. Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2023, New York, NY, USA.","DOI":"10.1145\/3597926.3598115"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Trickel, E., Pagani, F., Zhu, C., Dresel, L., Vigna, G., Kruegel, C., Wang, R., Bao, T., Shoshitaishvili, Y., and Doup\u00e9, A. (2023, January 21\u201325). Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities. Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP46215.2023.10179317"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Lemieux, C., and Sen, K. (2018, January 3\u20137). FairFuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage. Proceedings of the 33rd ACM\/IEEE International Conference on Automated Software Engineering, ASE \u201918, New York, NY, USA.","DOI":"10.1145\/3238147.3238176"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Lee, M., Cha, S., and Oh, H. (2023, January 14\u201320). Learning Seed-Adaptive Mutation Strategies for Greybox Fuzzing. Proceedings of the 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE), Melbourne, Australia.","DOI":"10.1109\/ICSE48619.2023.00043"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Herrera, A., Gunadi, H., Magrath, S., Norrish, M., Payer, M., and Hosking, A.L. (2021, January 12). Seed selection for successful fuzzing. Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2021, Virtual.","DOI":"10.1145\/3460319.3464795"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Liu, X., You, W., Zhang, Z., and Zhang, X. (2022, January 18\u201322). TensileFuzz: Facilitating seed input generation in fuzzing via string constraint solving. Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2022, Virtual.","DOI":"10.1145\/3533767.3534403"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"You, W., Liu, X., Ma, S., Perry, D., Zhang, X., and Liang, B. (2019, January 25\u201331). SLF: Fuzzing without Valid Seed Inputs. Proceedings of the 2019 IEEE\/ACM 41st International Conference on Software Engineering (ICSE), Montreal, QC, Canada.","DOI":"10.1109\/ICSE.2019.00080"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"95061","DOI":"10.1109\/ACCESS.2021.3093904","article-title":"Fuzzing With Optimized Grammar-Aware Mutation Strategies","volume":"9","author":"Deng","year":"2021","journal-title":"IEEE Access"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Jitsunari, Y., and Arahori, Y. (2019, January 22\u201323). Coverage-Guided Learning-Assisted Grammar-Based Fuzzing. Proceedings of the 2019 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW), Xi\u2019an, China.","DOI":"10.1109\/ICSTW.2019.00065"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1145\/2408776.2408795","article-title":"Symbolic Execution for Software Testing: Three Decades Later","volume":"56","author":"Cadar","year":"2013","journal-title":"Commun. ACM"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Cadar, C., Godefroid, P., Khurshid, S., P\u0103s\u0103reanu, C.S., Sen, K., Tillmann, N., and Visser, W. (2011, January 21\u201328). Symbolic Execution for Software Testing in Practice: Preliminary Assessment. Proceedings of the 33rd International Conference on Software Engineering, ICSE \u201911, Honolulu, HI, USA.","DOI":"10.1145\/1985793.1985995"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Mouzarani, M., Sadeghiyan, B., and Zolfaghari, M. (2015, January 18\u201320). A Smart Fuzzing Method for Detecting Heap-Based Buffer Overflow in Executable Codes. Proceedings of the 21st IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2015, Zhangjiajie, China.","DOI":"10.1109\/PRDC.2015.10"},{"key":"ref_20","unstructured":"Newsome, J., and Song, D. (2005, January 3\u20134). Dynamic taint analysis: Automatic detection, analysis, and signature generation of exploit attacks on commodity software. Proceedings of the 12th Network and Distributed Systems Security Symposium, San Diego, CA, USA."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Schwartz, E.J., Avgerinos, T., and Brumley, D. (2010, January 16\u201319). All You Ever Wanted to Know about Dynamic Taint Analysis and Forward Symbolic Execution (but Might Have Been Afraid to Ask). Proceedings of the 2010 IEEE Symposium on Security and Privacy, Oakland, CA, USA.","DOI":"10.1109\/SP.2010.26"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Clause, J., Li, W., and Orso, A. (2007, January 9\u201312). Dytan: A Generic Dynamic Taint Analysis Framework. Proceedings of the 2007 International Symposium on Software Testing and Analysis, ISSTA \u201907, New York, NY, USA.","DOI":"10.1145\/1273463.1273490"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Cai, J., Yang, S., Men, J., and He, J. (2014, January 27\u201329). Automatic software vulnerability detection based on guided deep fuzzing. Proceedings of the 2014 5th IEEE International Conference on Software Engineering and Service Science (ICSESS), Beijing, China.","DOI":"10.1109\/ICSESS.2014.6933551"},{"key":"ref_24","first-page":"200","article-title":"A Study on Using Code Coverage Information Extracted from Binary to Guide Fuzzing","volume":"14","author":"Lou","year":"2020","journal-title":"Int. J. Comput. Sci. Secur."},{"key":"ref_25","unstructured":"Zalewski, M. (2024, June 01). American Fuzzy Lop. Available online: http:\/\/lcamtuf.coredump.cx\/afl\/."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"H\u00f6schele, M., and Zeller, A. (2016, January 3\u20137). Mining Input Grammars from Dynamic Taints. Proceedings of the 31st IEEE\/ACM International Conference on Automated Software Engineering, ASE 2016, Singapore.","DOI":"10.1145\/2970276.2970321"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Bastani, O., Sharma, R., Aiken, A., and Liang, P. (2017, January 18\u201323). Synthesizing Program Input Grammars. Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2017, Barcelona, Spain.","DOI":"10.1145\/3062341.3062349"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Peleg, H., and Singh, R. (November, January 30). Learn&Fuzz: Machine Learning for Input Fuzzing. Proceedings of the 32nd IEEE\/ACM International Conference on Automated Software Engineering, ASE 2017, Urbana, IL, USA.","DOI":"10.1109\/ASE.2017.8115618"},{"key":"ref_29","unstructured":"H\u00f6schele, M., Kampmann, A., and Zeller, A. (2017). Active Learning of Input Grammars. arXiv."},{"key":"ref_30","unstructured":"Meng, R., Mirchev, M., B\u00f6hme, M., and Roychoudhury, A. (March, January 26). Large Language Model guided Protocol Fuzzing. Proceedings of the 31st Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Jain, N., Vaidyanath, S., Iyer, A., Natarajan, N., Parthasarathy, S., Rajamani, S., and Sharma, R. (2022, January 21\u201329). Jigsaw: Large language models meet program synthesis. Proceedings of the 44th International Conference on Software Engineering, ICSE \u201922, Pittsburgh, PA, USA.","DOI":"10.1145\/3510003.3510203"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Fan, Z., Gao, X., Mirchev, M., Roychoudhury, A., and Tan, S. (2023, January 14\u201320). Automated Repair of Programs from Large Language Models. Proceedings of the 2023 IEEE\/ACM 45th International Conference on Software Engineering (ICSE), Melbourne, Australia.","DOI":"10.1109\/ICSE48619.2023.00128"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Zhang, S., Chen, Z., Shen, Y., Ding, M., Tenenbaum, J.B., and Gan, C. (2023, January 1\u20135). Planning with Large Language Models for Code Generation. Proceedings of the Eleventh International Conference on Learning Representations, Kigali, Rwanda.","DOI":"10.1109\/ICCAD57390.2023.10323944"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Deng, Y., Xia, C.S., Peng, H., Yang, C., and Zhang, L. (2022). Large Language Models are Zero-Shot Fuzzers: Fuzzing Deep-Learning Libraries via Large Language Models. arXiv.","DOI":"10.1145\/3597926.3598067"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Xia, C.S., Paltenghi, M., Tian, J.L., Pradel, M., and Zhang, L. (2024). Fuzz4All: Universal Fuzzing with Large Language Models. arXiv.","DOI":"10.1145\/3597503.3639121"},{"key":"ref_36","unstructured":"(2023, December 05). DARPA Cyber Grand Challenge Data Archive. Available online: http:\/\/www.lungetech.com\/cgc-corpus\/."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Kiezun, A., and Levin, M.Y. (2008, January 7\u201313). Grammar-based Whitebox Fuzzing. Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI \u201908, Tucson, AZ, USA.","DOI":"10.1145\/1375581.1375607"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Stephens, N., Grosen, J., Salls, C., Dutcher, A., Wang, R., Corbetta, J., Shoshitaishvili, Y., Kruegel, C., and Vigna, G. (2016, January 21\u201324). Driller: Augmenting Fuzzing Through Selective Symbolic Execution. Proceedings of the 23nd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, CA, USA.","DOI":"10.14722\/ndss.2016.23368"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Peng, H., Shoshitaishvili, Y., and Payer, M. (2018, January 20\u201324). T-Fuzz: Fuzzing by Program Transformation. Proceedings of the 2018 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP.2018.00056"},{"key":"ref_40","unstructured":"Rawat, S., Jain, V., Kumar, A., Cojocar, L., Giuffrida, C., and Bos, H. (March, January 26). VUzzer: Application-aware Evolutionary Fuzzing. Proceedings of the NDSS, San Diego, CA, USA."}],"container-title":["Software"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2674-113X\/3\/4\/28\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T16:55:25Z","timestamp":1760115325000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2674-113X\/3\/4\/28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,14]]},"references-count":40,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2024,12]]}},"alternative-id":["software3040028"],"URL":"https:\/\/doi.org\/10.3390\/software3040028","relation":{},"ISSN":["2674-113X"],"issn-type":[{"type":"electronic","value":"2674-113X"}],"subject":[],"published":{"date-parts":[[2024,12,14]]}}}