List of new target papers

[bbb1g]

List of target papers:

USENIX 2019

• GRIMOIRE: Synthesizing Structure while Fuzzing
• EnFuzz: Ensemble Fuzzing with Seed Synchronization among Diverse Fuzzers
• RVFUZZER: Finding Input Validation Bugs in Robotic Vehicles Through Control-Guided Testing
• FIRM-AFL: High-Throughput Greybox Fuzzing of IoT Firmware via Augmented Process Emulation

S&P 2019

• Fuzzing File Systems via Two-Dimensional Input Space Exploration
• NEUZZ: Efficient Fuzzing with Neural Program Smoothing
• ProFuzzer: On-the-fly Input Type Probing for Better Zero-day Vulnerability Discovery
• Razzer: Finding Kernel Race Bugs through Fuzzing
• Touching the Untouchables: Dynamic Security Analysis of the LTE Control Plane

CCS 2019

• Intriguer: Field-Level Constraint Solving for Hybrid Fuzzing
• Matryoshka: Fuzzing Deeply Nested Branches
• Learning to Fuzz from Symbolic Execution with Application to Smart Contracts

ASE 2019

• [ ] Coverage-guided Fuzzing for Feedforward Neural Networks poster
• [ ] DeepMutation++: a Mutation Testing Framework for Deep Learning Systems poster
• History-Guided Configuration Diversification for Compiler Test-Program Generation
• Learning-Guided Network Fuzzing for Testing Cyber-Physical System Defences
• [ ] VisFuzz: Understanding and Intervening Fuzzing with Interactive Visualization demo track

ICSE 2019

• Deep Differential Testing of JVM Implementations
• DIFFUZZ: Differential Fuzzing for Side-Channel Analysis
• Grey-box Concolic Testing on Binary Code
• Practical GUI Testing of Android Applications via Model Abstraction and Refinement
• RESTler: Stateful REST API Fuzzing
• SLF: Fuzzing without Valid Seed Inputs
• Superion: Grammar-Aware Greybox Fuzzing

FSE 2019

• Finding and Understanding Bugs in Software Model Checkers
• Cerebro: Context-Aware Adaptive Fuzzing for Effective Vulnerability Detection

NDSS 2020

• HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
• HFL: Hybrid Fuzzing on the Linux Kernel
• [ ] Data-Driven Debugging for Functional Side Channels not a fuzzer
• HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
• Not All Coverage Measurements Are Equal: Fuzzing by Coverage Accounting for Input Prioritization

USENIX 2020

• MUZZ: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs
• Analysis of DTLS Implementations Using Protocol State Fuzzing
• GREYONE: Data Flow Sensitive Fuzzing
• Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection
• Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer
• FANS: Fuzzing Android Native System Services via Automated Interface Analysis
• Medusa: Microarchitectural Data Leakage via Automated Attack Synthesis
• SpecFuzz
• ParmeSan: Sanitizer-guided Greybox Fuzzing
• USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation
• Symbolic execution with SYMCC: Don’t interpret, compile!
• Frankenstein: Advanced Wireless Fuzzing to Exploit New Bluetooth Escalation Targets
• EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit

S&P 2020

• Ex-vivo dynamic analysis framework for Android device drivers
• Fuzzing JavaScript Engines with Aspect-preserving Mutation
• KRACE: Data Race Fuzzing for Kernel File Systems
• Neutaint: Efficient Dynamic Taint Analysis with Neural Networks
• PANGOLIN: Incremental Hybrid Fuzzing with Polyhedral Path Abstraction
• SAVIOR: Towards Bug-Driven Hybrid Testing
• TRRespass: Exploiting the Many Sides of Target Row Refresh

ICSE 2020

• Typestate-Guided Fuzzer for Discovering Use-after-Free Vulnerabilities
• MemLock: Memory Usage Guided Fuzzing
• Ankou: Guiding Grey-box Fuzzing towards Combinatorial Difference
• JVM Fuzzing for JIT-Induced Side-Channel Detection
• Targeted Greybox Fuzzing with Static Lookahead Analysis
• Fuzz Testing based Data Augmentation to Improve Robustness of Deep Neural Networks
• sFuzz: An Efficient Adaptive Fuzzer for Solidity Smart Contracts
• HyDiff: Hybrid Differential Software Analysis

[sangkilc]

Added FIRM-AFL @ 72d3970

[sangkilc]

Added NEUZZ and ILF @ 58c0530

[sangkilc]

Added two more

[Jiliac]

Almost done with 2019! Just ICSE left.

The two firsts and the last paper for ASE 2019 only have 4 pages. Probably they are workshop papers? Maybe we have something similar for USENIX 2020 since it seems a little too much to have 13 fuzzing papers in one conference?

[bbb1g]

Ok I'm gonna checkin 2020년 10월 11일 (일) 오전 3:36, Valentin <notifications@github.com>님이 작성:

…

Almost done with 2019! Just ICSE left. The two firsts and the last paper for ASE 2019 only have 4 pages. Probably they are workshop papers? Maybe we have something similar for USENIX 2020 since it seems a little too much to have 13 fuzzing papers in one conference? — You are receiving this because you were assigned. Reply to this email directly, view it on GitHub <#8 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AHL43FPRSCCTKUFFADMVMULSKCSRLANCNFSM4R7XX5JQ> .

[bbb1g]

For ASE, I downloaded all pdfs from this site: https://ieeexplore.ieee.org/xpl/conhome/8949433/proceeding which included 'ASE 2019 Demonstrations'. We can just delete those 2 papers. For Usenix Security 2020, I downloaded this file: https://www.usenix.org/sites/default/files/sec20_full_proceedings.pdf and splited each articles with individual pdf files. I don't know why there are that much fuzzing-related articles, but I think it is because there exist 'Fuzzing' Category, as follows : Fuzzing 1 FuzzGuard: Filtering out Unreachable Inputs in Directed Grey-box Fuzzing through Deep Learning. . . . . . . . . . . 2255 Peiyuan Zong, Tao Lv, Dawei Wang, Zizhuang Deng, Ruigang Liang, and Kai Chen, SKLOIS, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China FuzzGen: Automatic Fuzzer Generation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2271 Kyriakos Ispoglou, Daniel Austin, and Vishwath Mohan, Google Inc.; Mathias Payer, EPFL ParmeSan: Sanitizer-guided Greybox Fuzzing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2289 Sebastian Österlund, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida, Vrije Universiteit Amsterdam EcoFuzz: Adaptive Energy-Saving Greybox Fuzzing as a Variant of the Adversarial Multi-Armed Bandit. . . . . . . 2307 Tai Yue, Pengfei Wang, Yong Tang, Enze Wang, Bo Yu, Kai Lu, and Xu Zhou, National University of Defense Technology Muzz: Thread-aware Grey-box Fuzzing for Effective Bug Hunting in Multithreaded Programs. . . . . . . . . . . . . . . . 2325 Hongxu Chen, University of Science and Technology of China and Nayang Technological University; Shengjian Guo, Baidu Security; Yinxing Xue, University of Science and Technology of China; Yulei Sui, University of Technology Sydney; Cen Zhang and Yuekang Li, Nanyang Technological University; Haijun Wang, Ant Financial Services Group; Yang Liu, Nanyang Technological University Fuzzing 2 Analysis of DTLS Implementations Using Protocol State Fuzzing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2523 Paul Fiterau-Brostean and Bengt Jonsson, Uppsala University; Robert Merget, Ruhr-University Bochum; Joeri de Ruiter, SIDN Labs; Konstantinos Sagonas, Uppsala University; Juraj Somorovsky, Paderborn University Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints. . . . . . . . . . . . . . . 2541 Dokyung Song, University of California, Irvine; Felicitas Hetzelt, Technische Universität Berlin; Jonghwan Kim and Brent Byunghoon Kang, KAIST; Jean-Pierre Seifert, Technische Universität Berlin; Michael Franz, University of California, Irvine USBFuzz: A Framework for Fuzzing USB Drivers by Device Emulation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2559 Hui Peng, Purdue University; Mathias Payer, EPFL GreyOne: Data Flow Sensitive Fuzzing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2577 Shuitao Gan, State Key Laboratory of Mathematical Engineering and Advanced Computing; Chao Zhang, Institute for Network Sciences and Cyberspace of Tsinghua University; Beijing National Research Center for Information Science and Technology; Peng Chen, ByteDance Inc.; Bodong Zhao, Institute for Network Science and Cyberspace, Tsinghua University; Xiaojun Qin and Dong Wu, State Key Laboratory of Mathematical Engineering and Advanced Computing; Zuoning Chen, National Research Center of Parallel Computer Engineering and Technology Fuzzing Error Handling Code using Context-Sensitive Software Fault Injection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2595 Zu-Ming Jiang and Jia-Ju Bai, Tsinghua University; Kangjie Lu, University of Minnesota; Shi-Min Hu, Tsinghua University Montage: A Neural Network Language Model-Guided JavaScript Engine Fuzzer. . . . . . . . . . . . . . . . . . . . . . . . . . . 2613 Suyoung Lee, HyungSeok Han, Sang Kil Cha, and Sooel Son, KAIST I'm newbie for this area, so I have no idea if this full-proceedings include workshop or something. Can u double-check for this articles? 2020년 10월 11일 (일) 오전 8:20, 이준오 <dlwnsdh3@gmail.com>님이 작성:

…

Ok I'm gonna checkin 2020년 10월 11일 (일) 오전 3:36, Valentin ***@***.***>님이 작성: > Almost done with 2019! Just ICSE left. > > The two firsts and the last paper for ASE 2019 only have 4 pages. > Probably they are workshop papers? Maybe we have something similar for > USENIX 2020 since it seems a little too much to have 13 fuzzing papers in > one conference? > > — > You are receiving this because you were assigned. > Reply to this email directly, view it on GitHub > <#8 (comment)>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AHL43FPRSCCTKUFFADMVMULSKCSRLANCNFSM4R7XX5JQ> > . >

[sangkilc]

Fixed the list and added two more

[sangkilc]

Added two more

[sangkilc]

We need to add SlowFuzz from CCS'17: "https://dl.acm.org/doi/10.1145/3133956.3134073". For some reason, it is missing in our db.

[sangkilc]

Done with NDSS 2020

[Jiliac]

And we are done 🚀