Machine learning models are vulnerable to adversarial examples. We study the most realistic hard-label black-box attacks in this paper. The main limitation of existing is that they need a large number model queries, making them inefficient and even infeasible practice. Inspired by very successful fuzz testing approach traditional software engineering computer security domains, we propose fuzzin...

Automated vulnerability searching tools have led to a dramatic increase of the rate at which such flaws are discovered. One particular searching technique is fault injection – i.e. insertion of random data into input files, buffers or protocol packets, combined with a systematic monitoring of memory violations. Even if these tools allow to uncover a lot of vulnerabilities, they are still very p...

The premise behind this thesis is the observation that Operating Systems (OS), being the foundation behind operations of computing systems, are complex entities and also subject to failures. Consequently, when they do fail, the impact is the loss of system service and the applications running thereon. While a multitude of sources for OS failures exist, device drivers are often identified as a p...

Coverage-based Greybox Fuzzing (CGF) is a practical and effective solution for finding bugs vulnerabilities in software. A key challenge of CGF how to select conducive seeds allocate accurate energy. To address this problem, we propose novel many-objective optimization solution, MooFuzz, which can identify different states the seed pool continuously gather information about guide schedule energ...

Abstract The wide application of mobile terminals that makes the software and hardware platforms gradually become important target malicious attackers. In response to above problems, this paper proposes a vulnerability mining scheme based on Fuzzing. scheme, many methods are used generate large number test cases. After receives corresponding cases, it analyzes output results exceptions thrown. ...