1 |
"CVE Details," https://cve.mitre.org/.
|
2 |
P. Oehlert, "Violating assumptions with fuzzing," In Proc. the IEEE Security & Privacy (S&P), vol. 3, no. 2, pp. 58-62, Mar. 2005.
|
3 |
C. Lewis, B. Rhoden, and C. Sturton, "Using Structured Random Data to Precisely Fuzz Media Players," Project Report, UC Berkeley, Dec. 2007.
|
4 |
D. Thiel, "Exposing Vulnerabilities in Media Software," BlackHat EU, Mar. 2008.
|
5 |
"AtomicParsley," http://atomicparsley.sourceforge.net/.
|
6 |
"Quicktime File Format Specification," https://developer.apple.com/library/mac/documentation/QuickTime/QTFF/QTFFPreface/qtffPreface.html.
|
7 |
M. Sutton and A. Greene, "The Art of File Format Fuzzing," in BlackHat USA, Jul. 2005.
|
8 |
M. Sutton, "FileFuzz," http://osdir.com/ml/security.securiteam/2005-09/msg00007.html.
|
9 |
C. Labs, "ZZUF," http://caca.zoy.org/wiki/zzuf.
|
10 |
B. P. Miller, L. Fredriksen, and B. So, "An Empirical Study of the Reliability of UNIX Utilities," Communications of the ACM, vol. 33, no. 12, pp. 32-44, Dec. 1990.
DOI
|
11 |
M. Sutton, A. Greene, and P. Amini, "Fuzzing: Brute Force Vulnerability Discovery," Addison-Wesley Professional, Jul. 2007.
|
12 |
Oulu University Secure Programming Group, "PROTOS," https://www.ee.oulu.fi/research/ouspg/Protos.
|
13 |
A. Rebert, S. K. Cha, T. Avgerinos, J. Foote, D. Warren, G. Grieco, and D. Brumley, "Optimizing Seed Selection for Fuzzing," In Proc. the USENIX Conference on Security Symposium,, pp. 861-875, Aug. 2014.
|
14 |
S. K. Cha, M. Woo, and D. Brumley, "Program-adaptive Mutational Fuzzing," In Proc. the IEEE Symposium on Security and Privacy (S&P), pp. 725-741, May. 2015.
|
15 |
M. Bohme, P. Van-Thuan, and R. Abhik, "Coverage-based Greybox Fuzzing as Markov Chain," In Proc. the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 1032-1043, Oct. 2016.
|
16 |
"Symbolic Execution in Vuln Research," https://lcamtuf.blogspot.kr/2015/02/symbolic-execution-in-vuln-research.html.
|
17 |
T. Klein, "A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security," No Starch Press, Nov. 2011.
|
18 |
W. H. Lee, M. Srirangam Ramanujam, and S. Krishnan, "On Designing an Efficient Distributed Black-box Fuzzing System for Mobile Devices," In Proc. the ACM SIGSAC Conference on Computer and Communications Security (CCS), pp. 31-42, Apr. 2015.
|