[1] J. Wang, B. Chen, L. Wei, and Y. Liu, "Superion: Grammar-Aware Greybox Fuzzing," Proceedings of the 41st IEEE/ACM International Conference on Software Engineering, pp. 724-735, May 2019.

[2] The Clang Team, "Clang 11 documentation," https://clang.llvm.org/docs/SanitizerCoverage.html, Mar. 22, 2020.

[3] Google, "chromium bug 944062," https://bugs.chromium.org/p/chromium/issues/detail?id=944062, Apr. 29, 2020.

[4] S. Groß, "FuzzIL: Coverage Guided Fuzzing for JavaScript Engines," Ph.D. Thesis, Karlsruhe Institute of Technology, Jan. 2018.

[5] C. Holler and A. Zeller, "Fuzzing with code fragments," Proceedings of the 21st USENIX Security Symposium, pp. 445-458, Aug. 2012.

[6] D. Jang, Z. Tatlock, and S. Lerner, "SafeDispatch: Securing C++ Virtual Calls from Memory Corruption Attacks," NDSS Symposium 2014, Feb. 2014.

[7] G. A. Perez, C. M. Kao, Y. C. Chung, and W. C. Hsu, "A hybrid just-in-time compiler for android: comparing JIT types and the result of cooperation," Proceedings of the 2012 international conference on Compilers, architectures and synthesis for embedded systems, pp. 41-51, Oct. 2012.

[8] Lcamtuf, "american fuzzy lop," http://lcamtuf.coredump.cx/afl/, Mar. 18, 2020.

[9] Google Project Zero, "fuzzilli," https://github.com/googleprojectzero/fuzzilli, Mar. 18, 2020.

[10] Hyuk-woo Park, Sung-kook Kim, and Soo-mook Moon, "Work-in-progress: advanced ahead-of-time compilation for javascript engine," Proceedings of the 2017 International Conference on Compilers, Architectures and Synthesis For Embedded Systems, pp. 1-2, Nov. 2017.

[11] MITRE, "CVE-2019-5782," https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5782, Mar. 18, 2020.

[12] Mozilla Fuzzing Security, "funfuzz," https://github.com/MozillaSecurity/funfuzz, Mar. 22, 2020.

[13] Google Project Zero, "domato," https://github.com/googleprojectzero/domato, Mar. 23, 2020.

[14] P. Godefroid, A. Kiezun, and M. Y. Levin, "Grammar-based whitebox fuzzing," Proceedings of the 29th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 206-215, June 2008.

[15] v8, "v8," https://github.com/v8/v8, Mar. 22, 2020.

[16] B. Michael, B. Florian, F. Manuel, L. Francesco, S. Wolfram, T. Nikolai, and V. Herman, "SPUR: a trace-based JIT compiler for CIL," Proceedings of the ACM international conference on Object oriented programming systems languages and applications, pp. 708-725, Oct. 2010.

[17] Min-su Lee, Je-hyun Lee, Ho-bin Kim, and Chan-ho Ryu, "Instrumentation Performance Measurement Technique for Evaluating Efficiency of Binary Analysis Tools," Journal of The Korea Institute of Information Security & Cryptology, 27(6), pp. 1331-1345, Dec. 2017, 2006.

[18] G. Southern and J. Renau, "Overhead of deoptimization checks in the V8 javascript engine," IEEE International Symposium on Workload Characterization (IISWC), pp. 1-10, Sep. 2016.

[19] N. K. Madhukar, R. Behnam, and H. Ben, "Server-side type profiling for optimizing client-side JavaScript engines," ACM SIGPLAN Notices, vol. 51, no. 2, pp. 140-153, Oct. 2015.

[20] M. Yusuf, A. El-Mahdy and E. Rohou, "On-stack replacement to improve JIT-based obfuscation a preliminary study," Proceedings of the 2nd International Japan-Egypt Conference on Electronics, Communications and Computers, pp. 94-99, Mar. 2014.