Search Results

Recently, many Deep Learning (DL) fuzzers have been proposed for API-level testing of DL libraries. However, they either perform unguided input generation (e.g., not considering the relationship between API arguments when generating inputs) or only ...

Fuzz testing is an automated testing technique that is recognized for its efficiency and scalability. Despite its advantages, the growing complexity and scale of software has made testing software adequately increasingly challenging. If fuzz ...

We introduce ET, a grammar-based enumerator for validating SMT solver correctness and performance. By compiling grammars of the SMT theories to algebraic datatypes, ET leverages the functional enumerator FEAT. ET is highly effective at bug finding and ...

With the increasing popularity of Decentralized Applications (DApps) in blockchain, securing smart contracts has been a long-term, high-priority subject in the domain. Among the various research directions for vulnerability detection, fuzzing has received ...

In this article we propose a methodology based on fuzzing to test which features are supported by pasers and register an experiment applying this methodology to SystemVerilog-consuming tools. SystemVerilog is a hardware description, specification and ...

Greybox fuzzing is used extensively in research and practice. There are umpteen improvements proposed in the literature to improve greybox fuzzing. However, to what extent do these improvements affect the internal components (or internals) of a given ...

Web APIs are integral to modern web development, enabling service integration and automation. Ensuring their performance and functionality is critical, yet performance testing is less explored due to the difficulty in detecting performance bugs. ...

Deep neural networks (DNN) have been widely deployed in safety-critical domains, such as autonomous cars and healthcare, where error behaviors can lead to serious accidents, testing DNN is extremely important. Neuron coverage-guided fuzz ...

Directed fuzzing recently has gained significant attention due to its ability to reconstruct proof-of-concept (PoC) test cases for target code such as buggy lines or functions. Surprisingly, however, there has been no in-depth study on the way to ...

Autonomous driving systems (ADS) have achieved spectacular development and have been utilized in numerous safety-critical tasks. Nonetheless, in spite of their considerable advancement, ADS perception components with high complexity and low ...

• We leverage OpenSCENARIO to generate realistic and valid scenarios.
• We propose a novel grammar-aware generation strategy.
• We design a testing guidance criterion that induces failure diversity.
• We test steering controller models ...

Smart contracts are computer programs that run on a blockchain. As the functions implemented by smart contracts become increasingly complex, the number of cross-contract interactions within them also rises. Consequently, the ...

• Addressing the challenge of exploding cross-contract transaction sequences.
• Presenting CrossFuzz, optimizing mutation strategies via inter-contract data flow analysis.
• Experimental results show that CrossFuzz outperforms other fuzz ...

While the past decade has witnessed a growing demand for employing deep reinforcement learning (DRL) in various domains to solve real-world problems, the reliability of DRL systems has become more of a concern. In particular, DRL agents are often ...

• We design a coverage-guided fuzzing framework for testing DRL systems.
• We design a gradient ascent-based seed mutation strategy to generate failed cases.
• We propose to analyze the state coverage by maintaining nearest neighbor ...

Starting with a random initial seed, fuzzers search for inputs that trigger bugs or vulnerabilities. However, fuzzers often fail to generate inputs for program paths guarded by restrictive branch conditions. In this paper, we show that by first ...

Built on top of UDP, the recently standardized QUIC protocol primarily aims to gradually replace the TCP plus TLS plus HTTP/2 model. For instance, HTTP/3 is designed to exploit QUIC’s features, including reduced connection establishment time, ...

Greybox fuzzing is a proven and effective testing method for the detection of security vulnerabilities and other bugs in modern software systems. Greybox fuzzing can also be used in combination with a sanitizer, such as AddressSanitizer (ASAN), to ...

Fuzz testing (fuzzing) has witnessed its prosperity in detecting security flaws recently. It generates a large number of test cases and monitors the executions for defects. Fuzzing has detected thousands of bugs and vulnerabilities in various ...

Fuzz testing repeatedly assails software with random inputs in order to trigger unexpected program behaviors, such as crashes or timeouts, and has historically revealed serious security vulnerabilities. In this article, we present HotFuzz, a framework for ...

Fuzzing (aka fuzz testing) shows promising results in security testing. The advantage of fuzzing is the relatively simple applicability compared to comprehensive manual security analysis. However, the effectiveness of black-box fuzzing is hard to ...

SMT solvers are important tools in the field of software engineering, which is often used to determine the satisfiability of formulas in formal methods, such as software verification, program synthesis, program verification, etc. However, due to their ...

OpenCL programs typically employ complex storage models and diverse data types as well as manifest various memory access patterns, which make it challenging to detect the performance problems effectively. However, few research efforts ...

• We present a tool that can detect algorithmic complexity vulnerabilities in OpenCL kernels.