1 |
J. Patra and M. Pradel, "Leaerning to fuzz: Application-independent fuzz testing with probabilistic, generative models of input data," TUDarmstadt, Tech. Rep. TUD-CS-2016-14664, 2016
|
2 |
S. Veggalam, S. Rawat, I. Haller, and H. Bos, "IFuzzer: An evolutionary interprter fuzzer using genetic programming," in Proceedings of the European Symposium on Research in Computer Security, pp. 581-601, Sep. 2016.
|
3 |
Github, "radamsa," https://gitlab.com/akihe/radamsa, Jun. 2019.
|
4 |
Esprima, "Esprima," http://esprima.org, Jun. 2019.
|
5 |
Github, "Test262 ECMAScript conformance test suite," https://github.com/tc39/test262, Jun. 2019.
|
6 |
Github, "CVE-2018-0840 Patch Commit," https://github.com/Microsoft/ChakraCore/commit/24c7fa24623886859c31f9f1173e76977408fce2, Aug. 2019.
|
7 |
Ecma International. "ECMAScript 2015 language specification," https://www.ecma-international.org/ecma-262/6.0, Jun. 2015.
|
8 |
Chromium, "ChakraCore Just-In-Timebugs," https://bugs.chromium.org/p/project-zero/issues/list?q=chakra%20jit&can=1, Aug. 2019.
|
9 |
Github, "CVE-2018-0834 Patch Commit," https://github.com/Microsoft/ChakraCore/commit/6cd503299eac4a5b5ffc0c5bb0d072861f60e183, Aug. 2019.
|
10 |
Github, "CVE-2018-0837 Patch Commit," https://github.com/Microsoft/ChakraCore/commit/043257b7d47afab1240f5dd4cdd10bde38c574c3, Aug. 2019.
|
11 |
Github, "Mozilla Security funfuzz," https://github.com/MozillaSecurity/funfuzz, Jun. 2019
|
12 |
Christian Holler, Kim Herzig, and Andreas Zeller, "Fuzzing with code fragments," In Proceedings of the USENIX Security Symposium, pp 445-458, Aug. 2012.
|
13 |
HyungSeok Han, DongHyeon Oh, and Sang Kil Cha, "CodeAlchemist: Semantics-aware Code Generation to Find Vulnerabilities in JavaScript Engines," In Proceedings of the Network and Distributed System Security Symposium, Feb. 2019.
|
14 |
Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son, "Montage: A Neural Network Language Model-Guided JavaScript Fuzzer," In Proceedings of the USENIX Security Symposium, Aug, 2020.
|
15 |
Valentin J. M. Manes, HyungSeok Han, Choongwoo Han, Sang Kil Cha, Manuel Egele, Edward J. Schwartz, and Maverick Woo, "The art, science, and engineering of fuzzing: A survey," Apr. 2019.
|
16 |
S. K. Cha, M. Woo, and D. Brumley, "Program-adaptive mutational fuzzing," in Proceedings of the IEEE Symposium on Security and Privacy, pp. 725-741, May. 2015.
|
17 |
CERT, "Basic Fuzzing Framework," https://www.cert.org/vulnerability-analysis/tools/bff.cfm, Jun, 2019.
|
18 |
Marcel Bohme, Van-Thuan Pham, Manh-Dung Nguyen, and Abhik Roychoudhury, "Directed greybox fuzzing," In Proceedings of the ACM Conference on Computer and Communications Security, pp 2329-2344, Nov. 2017.
|
19 |
Shuitao Gan, Chao Zhang, Xiaojun Qin, Xuwen Tu, Kang Li, Zhongyu Pei, and Zuoning Chen, "CollAFL: Path sensitive fuzzing" In Proceedings of the IEEE Symposium on Security and Privacy, pp 660-677, May. 2018.
|
20 |
Github, "American Fuzzy Lop." https://github.com/google/afl, Jun. 2019.
|
21 |
A. Rebert, S. K. Cha, T. Avgerinos, J. Foote, D. Warren, G. Grieco, and D. Brumley, "Optimizing seed selection for fuzzing," in Proceedings of the USENIX Security Symposium, pp. 861-875, May. 2014.
|
22 |
Samuel Gros, "FuzzIL: Coverage Guided Fuzzing for JavaScript Engines," Master Thesis, Karlsruhe Institute of Technology, Nov. 2018.
|
23 |
J. Wang, B. Chen, L. Wei, and Y. Liu, "Skyfire: Data-driven seed generation for fuzzing," in Proceedings of the IEEE Symposium on Security and Privacy, pp. 579-594, May. 2017.
|