Page 319 - 《软件学报》2025年第8期

P. 319

3742 软件学报 2025 年第 36 卷第 8 期

[7] Zuo FL, Luo ZX, Yu JZ, Liu Z, Jiang Y. PAVFuzz: State-sensitive fuzz testing of protocols in autonomous vehicles. In: Proc. of the 58th
ACM/IEEE Design Automation Conf. San Francisco: IEEE, 2021. 823–828. [doi: 10.1109/DAC18074.2021.9586321]
[8] Gao X, Saha RK, Prasad MR, Roychoudhury A. Fuzz testing based data augmentation to improve robustness of deep neural networks. In:
Proc. of the 42nd ACM/IEEE Int’l Conf. on Software Engineering. Seoul: Association for Computing Machinery, 2020. 1147–1158. [doi:
10.1145/3377811.3380415]
[9] Godefroid P, Levin MY, Molnar D. SAGE: Whitebox fuzzing for security testing. Communications of the ACM, 2012, 55(3): 40–44.
[doi: 10.1145/2093548.2093564]
[10] Stephens N, Grosen J, Salls C, Dutcher A, Wang RY, Corbetta J, Shoshitaishvili Y, Kruegel C, Vigna G. Driller: Augmenting fuzzing
through selective symbolic execution. In: Proc. of the 23rd Annual Network and Distributed System Security Symp. San Diego: NDSS,
2016. [doi: 10.14722/ndss.2016.23368]
[11] Feng XT, Sun RX, Zhu XG, Xue MH, Wen S, Liu DX, Nepal S, Xiang Y. Snipuzz: Black-box fuzzing of IoT firmware via message
snippet inference. In: Proc. of the 2021 ACM SIGSAC Conf. on Computer and Communications Security. New York: Association for
Computing Machinery, 2021. 337–350. [doi: 10.1145/3460120.3484543]
[12] Fioraldi A, Mantovani A, Maier D, Balzarotti D. Dissecting American fuzzy lop: A Fuzzbench evaluation. ACM Trans. on Software
Engineering and Methodology, 2023, 32(2): 52. [doi: 10.1145/3580596]
[13] Böhme M, Pham VT, Nguyen MD, Roychoudhury A. Directed greybox fuzzing. In: Proc. of the 2017 ACM SIGSAC Conf. on Computer
and Communications Security. Dallas: Association for Computing Machinery, 2017. 2329–2344. [doi: 10.1145/3133956.3134020]
[14] Gan ST, Zhang C, Qin XJ, Tu XW, Li K, Pei ZY, Chen ZN. CollAFL: Path sensitive fuzzing. In: Proc. of the 2018 IEEE Symp. on
Security and Privacy. San Francisco: IEEE, 2018. 679–696. [doi: 10.1109/SP.2018.00040]
[15] Xie XF, Ma L, Juefei-Xu F, Xue MH, Chen HX, Liu Y, Zhao JJ, Li B, Yin JX, See S. DeepHunter: A coverage-guided fuzz testing
framework for deep neural networks. In: Proc. of the 28th ACM SIGSOFT Int’l Symp. on Software Testing and Analysis. Beijing:
Association for Computing Machinery, 2019. 146–157. [doi: 10.1145/3293882.3330579]
[16] Lemieux C, Sen K. Fairfuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage. In: Proc. of the 33rd IEEE/ACM
Int’l Conf. on Automated Software Engineering. Montpellier: IEEE, 2018. 475–485. [doi: 10.1145/3238147.3238176]
[17] Fioraldi A, Maier D, Eißfeldt H, Heuse M. AFL++: Combining incremental steps of fuzzing research. In: Proc. of the 14th USENIX
Conf. on Offensive Technologies. Berkeley: USENIX Association, 2020. 10.
[18] He JX, Balunović M, Ambroladze N, Tsankov P, Vechev M. Learning to fuzz from symbolic execution with application to smart
contracts. In: Proc. of the 2019 ACM SIGSAC Conf. on Computer and Communications Security. London: Association for Computing
Machinery, 2019. 531–548. [doi: 10.1145/3319535.3363230]
[19] Metzman J, Szekeres L, Simon L, Sprabery R, Arya A. Fuzzbench: An open fuzzer benchmarking platform and service. In: Proc. of the
29th ACM Joint Meeting on European Software Engineering Conf. and Symp. on the Foundations of Software Engineering. Athens:
Association for Computing Machinery, 2021. 1393–1403. [doi: 10.1145/3468264.3473932]
[20] Pham VT, Böhme M, Roychoudhury A. AFLNET: A greybox fuzzer for network protocols. In: Proc. of the 13th IEEE Int’l Conf. on
Software Testing, Validation and Verification. Porto: IEEE, 2020. 460–465. [doi: 10.1109/ICST46399.2020.00062]
[21] Song CX, Yu B, Zhou X, Yang Q. SPFuzz: A hierarchical scheduling framework for stateful network protocol fuzzing. IEEE Access,
2019, 7: 18490–18499. [doi: 10.1109/ACCESS.2019.2895025]
[22] Andronidis A, Cadar C. SnapFuzz: High-throughput fuzzing of network applications. In: Proc. of the 31st ACM SIGSOFT Int’l Symp. on
Software Testing and Analysis. New York: Association for Computing Machinery, 2022. 340–351. [doi: 10.1145/3533767.3534376]
[23] De Ruiter J, Poll E. Protocol state fuzzing of TLS implementations. In: Proc. of the 24th USENIX Conf. on Security Symp. Washington:
USENIX Association, 2015. 193–206.
[24] Fiterau-Brostean P, Jonsson B, Merget R, de Ruiter J, Sagonas K, Somorovsky J. Analysis of DTLS implementations using protocol state
fuzzing. In: Proc. of the 29th USENIX Security Symp. Berkeley: USENIX Association, 2020. 2523–2540.
[25] Fiterau-Brostean P, Jonsson B, Sagonas K, Tåquist F. Automata-based automated detection of state machine bugs in protocol
implementations. In: Proc. of the 30th Annual Network and Distributed System Security Symp. San Diego: NDSS, 2023.
[26] Zou YH, Bai JJ, Zhou JL, Tan JF, Qin CG, Hu SM. TCP-Fuzz: Detecting memory and semantic bugs in TCP stacks with fuzzing. In:
Proc. of the 2021 USENIX Annual Technical Conf. Berkeley: USENIX Association, 2021. 489–502.
[27] Natella R. STATEAFL: Greybox fuzzing for stateful network servers. Empirical Software Engineering, 2022, 27(7): 191. [doi: 10.1007/
s10664-022-10233-3]
[28] Dierks T, Rescorla E. RFC 5246: The transport layer security (TLS) protocol version 1.2. 2008. https://www.rfc-editor.org/rfc/rfc5246
[29] Raffelt H, Steffen B, Berg T. LearnLib: A library for automata learning and experimentation. In: Proc. of the 10th Int’l Workshop on

314 315 316 317 318 319 320 321 322 323 324