A Study of Coverage Improvement for Library Fuzzing |
Kim, Seoyoung
(The Affiliated Institute of ETRI)
Cho, Mingi (Information Security Lab, GSI, Yonsei University) Kim, Jongshin (Information Security Lab, GSI, Yonsei University) Kwon, Taekyoung (Information Security Lab, GSI, Yonsei University) |
1 | J. Jang, and H. Kim, "Automated Applying Greybox Fuzzing to C/C++ Library Using Unit Test," Journal of KIISC, 29(4), pp. 807-819, Aug. 2019. |
2 | Netcraft, "Half a million widely truste d websites vulnerable to Heartbleed bug," Apr. 2014. |
3 | J. Drak, "Stagefright: Scary Code in the Heart of Android," BlackHat USA, Aug. 2015. |
4 | B. P. Miller, L. Fredriksen, and B. So, "An Empirical Study of the Reliability of UNIX Utilities," Communications of the ACM, vol. 33, no. 12, pp. 32-44, Dec. 1990. DOI |
5 | R. Majumdar and K. Sen, "Hybrid Concolic Testing," Proceedings of the International Conference on Software Engineering, pp. 416-426, May. 2007. |
6 | l. Yun, S. Lee, M. Xu, Y. Jang, and T. Kim., "QSYM: A Practical Concolic Execution Engine Tailored for Hybrid Fuzzing," Proceedings of the USENIX Security, pp. 745-761, Aug. 2018. |
7 | M. Cho, S. Kim and T. Kwon, "Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing," Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 515-530, Nov. 2019. |
8 | Guidovranken, "Cryptofuzz," https://github.com/guidovranken/cryptofuzz, 2019. |
9 | K. Serebryany, "libFuzzer - a library for coverage-guided fuzz testing." LLVM project, 2015. |
10 | mbedTLS, https://github.com/ARMmbed/mbedtls |
11 | Crypto++, https://www.cryptopp.com |
12 | OpenSSL, https://www.openssl.org |