{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T04:03:43Z","timestamp":1760241823627,"version":"build-2065373602"},"reference-count":28,"publisher":"MDPI AG","issue":"10","license":[{"start":{"date-parts":[[2018,10,3]],"date-time":"2018-10-03T00:00:00Z","timestamp":1538524800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61379052","61472439","61271252"],"award-info":[{"award-number":["61379052","61472439","61271252"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"<jats:p>AFL (American Fuzzy Lop) is a powerful fuzzing tool that has discovered hundreds of real-world vulnerabilities. Recent efforts are seen to port AFL to a fuzzing Java program and have shown to be effective in Java testing. However, these tools require humans to write driver classes, which is not plausible for testing large-scale software. In addition, AFL generates files as input, making it limited for testing methods that process files. In this paper, we present JDriver, an automatic driver class generation framework for AFL-based fuzzing tools, which can build driver code for methods\u2019 processing files as well as ordinary methods not processing files. Our approach consists of three parts: a dependency-analysis based method to generate method sequences that are able to change the instance\u2019s status so as to exercise more paths, a knowledge assisted method to make instance for the method sequences, and an input-file oriented driver class assembling method to handle the method parameters for ordinary methods. We evaluate JDriver on commons-imaging, a widely used image library provided by the Apache organization. JDriver has successfully generated 149 helper methods which can be used to make instances for 110 classes. Moreover, 99 driver classes are built to cover 422 methods.<\/jats:p>","DOI":"10.3390\/sym10100460","type":"journal-article","created":{"date-parts":[[2018,10,4]],"date-time":"2018-10-04T02:19:49Z","timestamp":1538619589000},"page":"460","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["JDriver: Automatic Driver Class Generation for AFL-Based Java Fuzzing Tools"],"prefix":"10.3390","volume":"10","author":[{"given":"Zhijian","family":"Huang","sequence":"first","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"}]},{"given":"Yongjun","family":"Wang","sequence":"additional","affiliation":[{"name":"College of Computer, National University of Defense Technology, Changsha 410073, China"}]}],"member":"1968","published-online":{"date-parts":[[2018,10,3]]},"reference":[{"key":"ref_1","unstructured":"(2018, August 21). American Fuzzy Lop. Available online: http:\/\/lcamtuf.coredump.cx\/afl\/."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Kirsten, R., Luckow, K., and P\u0103s\u0103reanu, C.S. (November, January 30). POSTER: AFL-based Fuzzing for Java with Kelinci. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, TX, USA.","DOI":"10.1145\/3133956.3138820"},{"key":"ref_3","unstructured":"(2018, August 21). JQF. Available online: https:\/\/github.com\/rohanpadhye\/jqf."},{"key":"ref_4","unstructured":"(2018, October 01). JDriver. Available online: https:\/\/github.com\/qorost\/jdriver.git."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1186\/s42400-018-0002-y","article-title":"Fuzzing: A survey","volume":"1","author":"Li","year":"2018","journal-title":"Cybersecurity"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1145\/96267.96279","article-title":"An Empirical Study of the Reliability of UNIX Utilities","volume":"33","author":"Miller","year":"1990","journal-title":"Commun. ACM"},{"key":"ref_7","unstructured":"(2018, September 21). The Sulley Fuzzer. Available online: https:\/\/github.com\/OpenRCE\/sulley."},{"key":"ref_8","unstructured":"(2018, September 21). The Peach Platform. Available online: https:\/\/www.peach.tech\/products\/peach-fuzzer\/peach-platform\/."},{"key":"ref_9","unstructured":"(2018, September 21). The BFuzz Platform. Available online: https:\/\/github.com\/RootUp\/BFuzz."},{"key":"ref_10","unstructured":"Godefroid, P., Peleg, H., and Singh, R. (November, January 30). Learn&fuzz: Machine learning for input fuzzing. Proceedings of the 32nd IEEE\/ACM International Conference on Automated Software Engineering, Urbana-Champaign, IL, USA."},{"key":"ref_11","unstructured":"Rawat, S., Jain, V., Kumar, A., Cojocar, L., Giuffrida, C., and Bos, H. (March, January 26). Vuzzer: Application-aware evolutionary fuzzing. Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Li, Y., Chen, B., Chandramohan, M., Lin, S.W., Liu, Y., and Tiu, A. (2017, January 4\u20138). Steelix: Program-state based binary fuzzing. Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, Paderborn, Germany.","DOI":"10.1145\/3106237.3106295"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"B\u00f6hme, M., Pham, V.T., and Roychoudhury, A. (2017). Coverage-based greybox fuzzing as markov chain. IEEE Trans. Softw. Eng.","DOI":"10.1145\/3133956.3134020"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Chen, P., and Chen, H. (2018, January 21\u201323). Angora: Efficient Fuzzing by Principled Search. Proceedings of the 2018 IEEE Symposium on Security and Privacy, San Francisco, CA, USA.","DOI":"10.1109\/SP.2018.00046"},{"key":"ref_15","unstructured":"Jayaraman, K., Harvison, D., Ganesh, V., and Kiezun, A. (2009, January 6\u20138). jFuzz: A Concolic Whitebox Fuzzer for Java. Proceedings of the First NASA Formal Methods Symposium, Moffett Field, CA, USA."},{"key":"ref_16","unstructured":"(2018, August 21). NASA Java PathFinder. Available online: http:\/\/javapathfinder.sourceforge.net."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Zhu, H. (2015, January 8\u20139). JFuzz: A Tool for Automated Java Unit Testing Based on Data Mutation and Metamorphic Testing Methods. Proceedings of the 2nd International Conference on Trustworthy Systems and Their Applications, Hualien, Taiwan.","DOI":"10.1109\/TSA.2015.13"},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"1025","DOI":"10.1002\/spe.602","article-title":"Crasher: An automatic robustness tester for Java","volume":"34","author":"Csallner","year":"2004","journal-title":"Softw. Pract. Exp."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Pacheco, C., and Ernst, M.D. (2007, January 21\u201325). Randoop: Feedback-directed Random Testing for Java. Proceedings of the Companion to the 22Nd ACM SIGPLAN Conference on Object-oriented Programming Systems and Applications Companion, Montreal, QC, Canada.","DOI":"10.1145\/1297846.1297902"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Godefroid, P., Klarlund, N., and Sen, K. (2005, January 12\u201315). DART: Directed Automated Random Testing. Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, Chicago, IL, USA.","DOI":"10.1145\/1065010.1065036"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Ma, L., Artho, C., Zhang, C., Sato, H., Gmeiner, J., and Ramler, R. (2015, January 9\u201313). Grt: Program-analysis-guided random testing (t). Proceedings of the 2015 30th IEEE\/ACM International Conference on Automated Software Engineering (ASE), Lincoln, NE, USA.","DOI":"10.1109\/ASE.2015.49"},{"key":"ref_22","unstructured":"(2018, August 21). 10th International Workshop on Search-Based Software Testing. Available online: http:\/\/sbst2017.lafhis.dc.uba.ar."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Fraser, G., and Arcuri, A. (2011, January 5\u20139). EvoSuite: Automatic Test Suite Generation for Object-oriented Software. Proceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, Szeged, Hungary.","DOI":"10.1145\/2025113.2025179"},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"294","DOI":"10.1109\/TSE.2014.2363479","article-title":"Instance generator and problem representation to improve object oriented code coverage","volume":"41","author":"Sakti","year":"2015","journal-title":"IEEE Trans. Softw. Eng."},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Shamshiri, S., Rojas, M., Fraser, G., Mcminn, P., and Arcuri, A. (2015, January 9\u201313). Do Automatically Generated Unit Tests Find Real Faults? An Empirical Study of Effectiveness and Challenges. Proceedings of the 2015 30th IEEE\/ACM International Conference on Automated Software Engineering (ASE), Lincoln, NE, USA.","DOI":"10.1109\/ASE.2015.86"},{"key":"ref_26","unstructured":"(2018, August 21). Java Platform, Standard Edition & Java Development Kit Version 9 API Specification. Available online: https:\/\/docs.oracle.com\/javase\/9\/docs\/api\/index.html?overview-summary.html."},{"key":"ref_27","unstructured":"(2018, August 21). ASM. Available online: http:\/\/https:\/\/asm.ow2.io."},{"key":"ref_28","unstructured":"(2018, August 21). Commons-Imaging. Available online: https:\/\/commons.apache.org\/proper\/commons-imaging."}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/10\/10\/460\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:23:49Z","timestamp":1760196229000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/10\/10\/460"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10,3]]},"references-count":28,"journal-issue":{"issue":"10","published-online":{"date-parts":[[2018,10]]}},"alternative-id":["sym10100460"],"URL":"https:\/\/doi.org\/10.3390\/sym10100460","relation":{},"ISSN":["2073-8994"],"issn-type":[{"type":"electronic","value":"2073-8994"}],"subject":[],"published":{"date-parts":[[2018,10,3]]}}}