SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing-Reference-Cited by-同舟云学术

SoK: Where to Fuzz? Assessing Target Selection Methods in Directed Fuzzing

Published:2024-07 Issue: Volume:5 Page:1539-1553
ISSN:
Container-title:Proceedings of the 19th ACM Asia Conference on Computer and Communications Security
language:
Short-container-title:

Author:

Weissberg Felix¹^ORCID,Möller Jonas¹^ORCID,Ganz Tom²^ORCID,Imgrund Erik³^ORCID,Pirch Lukas¹^ORCID,Seidel Lukas⁴^ORCID,Schloegel Moritz⁵^ORCID,Eisenhofer Thorsten¹^ORCID,Rieck Konrad¹⁶^ORCID

Affiliation:

1. Technische Universität Berlin, Berlin, Germany

2. SAP Security Research, Karlsruhe, Germany

3. SAP Security Research, Walldorf, Germany

4. Binarly, Santa Monica, USA

5. CISPA Helmholtz Center for Information Security, Saarbrücken, Germany

6. Technische Universität Wien, Vienna, Austria

Funder

European Research Council

German Research Foundation

German Federal Ministry of Education and Research

Publisher

ACM

Reference82 articles.

1. A Comparison of Open-Source Static Analysis Tools for Vulnerability Detection in C/C++ Code

2. Ijon: Exploring Deep State Spaces via Fuzzing

3. Cornelius Aschermann, Sergej Schumilo, Tim Blazytko, Robert Gawlik, and Thorsten Holz. 2019. REDQUEEN: Fuzzing with Input-to-State Correspondence.. In Proc. of the Network and Distributed System Security Symposium (NDSS).

4. Nils Bars, Moritz Schloegel, Tobias Scharnowski, Nico Schiller, and Thorsten Holz. 2023. Fuzztruction: Using Fault Injection-based Fuzzing to Leverage Implicit Domain Knowledge.. In Proc. of the USENIX Security Symposium.

5. Tim Blazytko, Cornelius Aschermann, Moritz Schlögel, Ali Abbasi, Sergej Schumilo, Simon Wörner, and Thorsten Holz. 2019. GRIMOIRE: Synthesizing Structure while Fuzzing.. In Proc. of the USENIX Security Symposium. 1985--2002.