Search results for: protocol fuzzing

Number of results: 250258

2014
Miguel Filipe

Automatic detection of vulnerabilities is a problem studied in literature and a very important concern in application development with security requirements. Fuzzing is a software testing technique, automated or semi-automated, that involves injecting a massive quantity of semi-random inputs in software in order to find security vulnerabilities. Many vulnerability detection techniques need manu...

Journal: IEEE Transactions on Software Engineering 2021

Among the many software testing techniques available today, fuzzing has remained highly popular due to its conceptual simplicity, low barrier to deployment, and vast amount of empirical evidence in discovering real-world vulnerabilities. At a high level, fuzzing refers to a process of repeatedly running p...

2016
Germain Jolly, Sylvain Vernois, Christophe Rosenberger

Smart cards are tamper resistant devices but vulnerabilities are sometimes discovered. We address in this paper the security and the functional testing of embedded applications in smart cards. We propose an original methodology for the evaluation of applications and we show its benefit by comparing it to a classical certification process. The proposed method is based on the observation of the A...

2018
Chin-Chia Hsu, Che-Yu Wu, Hsu-Chun Hsiao, Shih-Kun Huang

Empowered by instrumentation, coverage-guided fuzzing monitors the program execution path taken by an input, and prioritizes inputs based on their contribution to code coverage. Although instrumenting every basic block ensures full visibility, it slows down the fuzzer and thus the speed of vulnerability discovery. This paper shows that thanks to common program structures (e.g., directed acyclic...

2017
Sanjay Rawat, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, Herbert Bos

Fuzzing is an effective software testing technique to find bugs. Given the size and complexity of real-world applications, modern fuzzers tend to be either scalable, but not effective in exploring bugs that lie deeper in the execution, or capable of penetrating deeper in the application, but not scalable. In this paper, we present an application-aware evolutionary fuzzing strategy that does not...

2018
Saahil Ognawala, Alexander Pretschner, Thomas Hutzelmann, Eirini Psallida, Ricardo Nales Amato

Automatic test-case generation techniques of symbolic execution and fuzzing are the most widely used methods to discover vulnerabilities in both academia and industry. However, both these methods suffer from fundamental drawbacks that stop them from achieving high path coverage that may, consequently, lead to discovering vulnerabilities at the numerical scale of static analysis. In this prese...

2003
Houjiang Zhang, Wuyi Chen, Dingchang Chen, Liangchi Zhang

This paper investigates the formation of the exit defects in carbon fibre-reinforced plates and characterizes their features in terms of drilling conditions. It was found that spalling and fuzzing are the major mechanisms of exit defects. The spalling, consisting of a main region and a secondary region, is caused by chisel and cutting edge actions, in which the former plays a key role. The fuzz...

Journal: ACM Queue 2022

Stefan Nagy, an assistant professor in the Kahlert School of Computing at the University of Utah, takes us on a tour of recent research in software fuzzing, or the systematic testing of programs via the generation of novel or unexpected inputs. The first paper he discusses extends the state of the art in coverage-guided fuzzing with the semantic notion of "likely invariants," inferred via techniques from property-based testing. The second explores enco...

Journal: Cybersecurity 2022

Grey-box fuzzing techniques have been widely used in software bug finding. In general, there are many decisions to make in the process, including which code block of the target program should be explored first, which bytes of an input seed should be mutated to reach the block, and how to mutate the chosen bytes. However, existing solutions usually rely on random exploration or certain heuristics to choose where to fuzz, which limits eff...

Journal: EURASIP J. Information Security 2016
Konstantin Böttinger

We present a new method for random testing of binary executables inspired by biology. In our approach, we introduce the first fuzzer based on a mathematical model for optimal foraging. To minimize search time for possible vulnerabilities, we generate test cases with Lévy flights in the input space. In order to dynamically adapt test generation behavior to actual path exploration performance, we...
