Steelix: program-state based binary fuzzing

Author:

Li Yuekang¹, Chen Bihuan², Chandramohan Mahinthan¹, Lin Shang-Wei¹, Liu Yang¹, Tiu Alwen¹

Affiliation:

1. Nanyang Technological University, Singapore

2. Fudan University, China / Nanyang Technological University, Singapore

Funder

National Research Foundation Singapore

National Natural Science Foundation of China

Publisher

ACM

Reference: 31 articles.

1. 1999. Tcpdump & Libpcap. (1999). http://www.tcpdump.org. 2001. Libtiff. (2001). http://www.libtiff.org. 2002. Libpng. (2002). http://www.libpng.org. 2003. Gzip. (2003). http://www.gzip.org. 2005. Defense Advanced Research Projects Agency. (2005). http://www.darpa.mil/. 2005. Dyninst API. (2005). http://www.dyninst.org/dyninst. 2006. The Patriot Missile Failure. (2006). https://www.ima.umn.edu/~arnold/disasters/patriot.html. 2014. American fuzzy lop. (2014). http://lcamtuf.coredump.cx/afl/. 2014. Cyber Grand Challenge. (2014). http://archive.darpa.mil/cybergrandchallenge/about.html. 2014. Spike fuzzer platform. (2014). http://www.immunitysec.com/. 2015. AFL-dyninst. (2015). https://github.com/vrtadmin/moflow/tree/master/afl-dyninst. 2015. AFL-QEMU. (2015). http://lcamtuf.coredump.cx/afl/technical_details.txt. 2015. AFLPIN. (2015). https://github.com/mothran/aflpin. 2015. Peach fuzzer platform. (2015). http://www.peachfuzzer.com/products/peach-platform/. 2015. Sdl Process: Verification. (2015). https://www.microsoft.com/en-us/sdl/process/verification.aspx. 2016. The bug-o-rama trophy case of AFL. (2016). http://lcamtuf.coredump.cx/afl/#bugs. 2016. Circumventing fuzzing roadblocks with compiler transformations. (2016).

2. https://lafintel.wordpress.com/2016/08/15/circumventing-fuzzing-roadblocks-with-compiler-transformations/. 2016. DARPA Challenge Binaries on Linux and OS X. (2016). https://github.com/trailofbits/cb-multios/. 2016. Driller Source Code. (2016). https://github.com/shellphish/driller. 2016. IDAPython. (2016). https://www.hex-rays.com/products/ida/support/idapython_docs/. 2017. Steelix. (2017). https://sites.google.com/site/steelix2017/.

3. Brad Arkin. 2009. Adobe Reader and Acrobat Security Initiative. (2009). http://blogs.adobe.com/security/2009/05/adobe_reader_and_acrobat_secur.html.

4. Domagoj Babić, Lorenzo Martignoni, Stephen McCamant, and Dawn Song. 2011. Statically-directed Dynamic Automated Test Generation. In ISSTA. 12–22. 10.1145/2001420.2001423

5. Marcel Böhme, Van-Thuan Pham, and Abhik Roychoudhury. 2016. Coverage-based Greybox Fuzzing as Markov Chain. In CCS. 1032–1043. 10.1145/2976749.2978428

Cited by 192 articles.

1. CatchFuzz: Reliable active anti-fuzzing techniques against coverage-guided fuzzer;Computers & Security;2024-08

2. sqlFuzz: Directed Fuzzing for SQL Injection Vulnerability;Electronics;2024-07-26

3. SLIMECRAFT: State Learning for Client-Server Regression Analysis and Fault Testing;2024 IEEE 48th Annual Computers, Software, and Applications Conference (COMPSAC);2024-07-02

4. Graph Confident Learning for Software Vulnerability Detection;Engineering Applications of Artificial Intelligence;2024-07

5. MicroFuzz: An Efficient Fuzzing Framework for Microservices;Proceedings of the 46th International Conference on Software Engineering: Software Engineering in Practice;2024-04-14
