The Art, Science, and Engineering of Fuzzing: A Survey

Cited 78 time in webofscience Cited 0 time in scopus
  • Hit : 114
  • Download : 383
Among the many software testing techniques available today, fuzzing has remained highly popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of empirical evidence in discovering real-world software vulnerabilities. At a high level, fuzzing refers to a process of repeatedly running a program with generated inputs that may be syntactically or semantically malformed. While researchers and practitioners alike have invested a large and diverse effort towards improving fuzzing in recent years, this surge of work has also made it difficult to gain a comprehensive and coherent view of fuzzing. To help preserve and bring coherence to the vast literature of fuzzing, this paper presents a unified, general-purpose model of fuzzing together with a taxonomy of the current fuzzing literature. We methodically explore the design decisions at every stage of our model fuzzer by surveying the related literature and innovations in the art, science, and engineering that make modern-day fuzzers effective.
Publisher
IEEE COMPUTER SOC
Issue Date
2021-11
Language
English
Article Type
Article
Citation

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, v.47, no.11, pp.2312 - 2331

ISSN
0098-5589
DOI
10.1109/tse.2019.2946563
URI
http://hdl.handle.net/10203/289589
Appears in Collection
CS-Journal Papers(저널논문)
Files in This Item
111726.pdf(1.1 MB)Download
This item is cited by other documents in WoS
⊙ Detail Information in WoSⓡ Click to see webofscience_button
⊙ Cited 78 items in WoS Click to see citing articles in records_button

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0