Fuzzing:a survey
作者机构:Tsinghua UniversityBeijing 100084China
出 版 物:《Cybersecurity》 (网络空间安全科学与技术(英文))
年 卷 期:2018年第1卷第1期
页 面:80-92页
核心收录:
学科分类:0810[工学-信息与通信工程] 1205[管理学-图书情报与档案管理] 07[理学] 0839[工学-网络空间安全] 0835[工学-软件工程] 0811[工学-控制科学与工程] 0701[理学-数学] 0812[工学-计算机科学与技术(可授工学、理学学位)] 070101[理学-基础数学]
基 金:supported in part by the National Natural Science Foundation of China(Grant No.6177230861472209,and U1736209) Young Elite Scientists Spon-sorship Program by CAST(Grant No.2016QNRC001) award from Tsinghua Information Science And Technology National Laboratory
主 题:Vulnerability discovery Software security Fuzzing Coverage-based fuzzing
摘 要:Security vulnerability is one of the root causes of cyber-security *** discover vulnerabilities and fix them in advance,researchers have proposed several techniques,among which fuzzing is the most widely used *** recent years,fuzzing solutions,like AFL,have made great improvements in vulnerability *** paper presents a summary of the recent advances,analyzes how they improve the fuzzing process,and sheds light on future work in ***,we discuss the reason why fuzzing is popular,by comparing different commonly used vulnerability discovery *** we present an overview of fuzzing solutions,and discuss in detail one of the most popular type of fuzzing,i.e.,coverage-based *** we present other techniques that could make fuzzing process smarter and more ***,we show some applications of fuzzing,and discuss new trends of fuzzing and potential future directions.