CoLaFUZE: Coverage-Guided and Layout-Aware Fuzzing for Android Drivers

INSTRIM: Lightweight Instrumentation for Coverage-guided Fuzzing

Empowered by instrumentation, coverage-guided fuzzing monitors the program execution path taken by an input, and prioritizes inputs based on their contribution to code coverage. Although instrumenting every basic block ensures full visibility, it slows down the fuzzer and thus the speed of vulnerability discovery. This paper shows that thanks to common program structures (e.g., directed acyclic...

VUzzer: Application-aware Evolutionary Fuzzing

Fuzzing is an effective software testing technique to find bugs. Given the size and complexity of real-world applications, modern fuzzers tend to be either scalable, but not effective in exploring bugs that lie deeper in the execution, or capable of penetrating deeper in the application, but not scalable. In this paper, we present an application-aware evolutionary fuzzing strategy that does not...

STAB Fuzzing: A Study of Android’s Binder IPC and Linux/Android Fuzzing

This paper focuses on describing the necessary background to begin working with Binder: Android’s Interprocess Communication (IPC) mechanism, and Linux/Android system call (“syscall”) fuzzing tools. The objective was to study Android and Binder along with system call fuzzing in order to learn more about Android, Binder IPC, and vulnerability detection and analysis. Our study was further concent...

Code Coverage Measurement Framework for Android Devi

Code Coverage Measurement Framework for Android Devices

Software testing is a very important activity in the software development life cycle. Numerous general blackand white-box techniques exist to achieve different goals and there are a lot of practices for different kinds of software. The testing of embedded systems, however, raises some very special constraints and requirements in software testing. Special solutions exist in this field, but there...