TY - STD TI - Aldeid (2013) Browser fuzzer 3. https://www.aldeid.com/wiki/Bf3. Accessed 25 Dec 2017. UR - https://www.aldeid.com/wiki/Bf3 ID - ref1 ER - TY - STD TI - Amini, P (2017) Sulley fuzzing framework. https://github.com/OpenRCE/sulley. Accessed 25 Dec 2017. UR - https://github.com/OpenRCE/sulley ID - ref2 ER - TY - CHAP AU - Banks, G. AU - Cova, M. AU - Felmetsger, V. AU - Almeroth, K. AU - Kemmerer, R. AU - Vigna, G. PY - 2006 DA - 2006// TI - Snooze: toward a stateful network protocol fuzzer BT - International Conference on Information Security PB - Springer CY - Berlin UR - https://doi.org/10.1007/11836810_25 DO - 10.1007/11836810_25 ID - Banks2006 ER - TY - CHAP AU - Böhme, M. AU - Pham, V. -. T. AU - Nguyen, M. -. D. AU - Roychoudhury, A. PY - 2017 DA - 2017// TI - Directed greybox fuzzing BT - Proceeding CCS ’17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security PB - ACM CY - New York ID - Böhme2017 ER - TY - STD TI - Böhme, M, Pham VT, Roychoudhury A (2017) Coverage-based greybox fuzzing as markov chain In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, 1032–1043.. ACM. ID - ref5 ER - TY - STD TI - Bowne, S (2015) Fuzzing with spike. https://samsclass.info/127/proj/p18-spike.htm. Accessed 25 Dec 2017. UR - https://samsclass.info/127/proj/p18-spike.htm ID - ref6 ER - TY - CHAP AU - Cha, S. K. AU - Avgerinos, T. AU - Rebert, A. AU - Brumley, D. PY - 2012 DA - 2012// TI - Unleashing mayhem on binary code BT - Security and Privacy (SP) 2012 IEEE Symposium on PB - IEEE CY - San Francisco UR - https://doi.org/10.1109/SP.2012.31 DO - 10.1109/SP.2012.31 ID - Cha2012 ER - TY - CHAP AU - De Ruiter, J. AU - Poll, E. PY - 2015 DA - 2015// TI - Protocol state fuzzing of tls implementations BT - Proceeding SEC’15 Proceedings of the 24th USENIX Conference on Security Symposium PB - USENIX Association CY - Berkeley ID - De Ruiter2015 ER - TY - JOUR AU - Godefroid, P. AU - Levin, M. Y. AU - Molnar, D. PY - 2012 DA - 2012// TI - Sage: whitebox fuzzing for security testing JO - Queue VL - 10 UR - https://doi.org/10.1145/2090147.2094081 DO - 10.1145/2090147.2094081 ID - Godefroid2012 ER - TY - CHAP AU - Godefroid, P. AU - Peleg, H. AU - Singh, R. PY - 2017 DA - 2017// TI - Learn & fuzz: Machine learning for input fuzzing BT - Proceeding ASE 2017 Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering PB - IEEE Press CY - Piscataway ID - Godefroid2017 ER - TY - JOUR AU - Gorbunov, S. AU - Rosenbloom, A. PY - 2010 DA - 2010// TI - Autofuzz: Automated network protocol fuzzing framework JO - IJCSNS VL - 10 ID - Gorbunov2010 ER - TY - CHAP AU - Han, H. AU - Cha, S. K. PY - 2017 DA - 2017// TI - Imf: Inferred model-based fuzzer BT - Proceeding CCS ’17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security PB - ACM CY - New York ID - Han2017 ER - TY - STD TI - Hertz, J (2015) Triforceafl. https://github.com/nccgroup/TriforceAFL. Accessed 25 Dec 2017. UR - https://github.com/nccgroup/TriforceAFL ID - ref13 ER - TY - STD TI - James, R (2013) Processor tracing. https://software.intel.com/en-us/blogs/2013/09/18/processor-tracing. Accessed 25 Dec 2017. UR - https://software.intel.com/en-us/blogs/2013/09/18/processor-tracing ID - ref14 ER - TY - STD TI - Jones, D (2010) trinity. https://github.com/kernelslacker/trinity. Accessed 25 Dec 2017. UR - https://github.com/kernelslacker/trinity ID - ref15 ER - TY - JOUR AU - King, J. C. PY - 1976 DA - 1976// TI - Symbolic execution and program testing JO - Commun ACM VL - 19 UR - https://doi.org/10.1145/360248.360252 DO - 10.1145/360248.360252 ID - King1976 ER - TY - STD TI - lcamtuf (2014) Fuzzing random programs without execve(). https://lcamtuf.blogspot.jp/2014/10/fuzzing-binaries-without-execve.html. Accessed 25 Dec 2017. UR - https://lcamtuf.blogspot.jp/2014/10/fuzzing-binaries-without-execve.html ID - ref17 ER - TY - STD TI - libfuzzer (2017) A library for coverage-guided fuzz testing. https://llvm.org/docs/LibFuzzer.html. Accessed 25 Dec 2017. UR - https://llvm.org/docs/LibFuzzer.html ID - ref18 ER - TY - CHAP AU - Liu, B. AU - Shi, L. AU - Cai, Z. AU - Li, M. PY - 2012 DA - 2012// TI - Software vulnerability discovery techniques: A survey BT - Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on PB - IEEE CY - Nanjing UR - https://doi.org/10.1109/MINES.2012.202 DO - 10.1109/MINES.2012.202 ID - Liu2012 ER - TY - CHAP AU - Luk, C. -. K. AU - Cohn, R. AU - Muth, R. AU - Patil, H. AU - Klauser, A. AU - Lowney, G. AU - Wallace, S. AU - Reddi, V. J. AU - Hazelwood, K. PY - 2005 DA - 2005// TI - Pin: building customized program analysis tools with dynamic instrumentation BT - Acm sigplan notices, volume 40 PB - ACM CY - Chicago ID - Luk2005 ER - TY - STD TI - Nichols, N, Raugas M, Jasper R, Hilliard N (2017) Faster fuzzing: Reinitialization with deep neural models. arXiv preprint arXiv:1711.02807. ID - ref21 ER - TY - STD TI - PeachTech (2017) Peach. https://www.peach.tech/. Accessed 25 Dec 2017. UR - https://www.peach.tech/ ID - ref22 ER - TY - STD TI - Petsios, T, Zhao J, Keromytis AD, Jana S (2017) Slowfuzz: Automated domain-independent detection of algorithmic complexity vulnerabilities In: Proceeding CCS ’17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 2155–2168.. ACM, New York. https://doi.org/10.1145/3133956.3134073. ID - ref23 ER - TY - STD TI - Rajpal, M, Blum W, Singh R (2017) Not all bytes are equal: Neural byte sieve for fuzzing. arXiv preprint arXiv:1711.04596. ID - ref24 ER - TY - STD TI - Rawat, S, Jain V, Kumar A, Cojocar L, Giuffrida C, Bos H (2017) Vuzzer: Application-aware evolutionary fuzzing In: Proceedings of the Network and Distributed System Security Symposium (NDSS). https://www.vusec.net/download/?t=papers/vuzzer_ndss17.pdf. UR - https://www.vusec.net/download/?t=papers/vuzzer_ndss17.pdf ID - ref25 ER - TY - CHAP AU - Schumilo, S. AU - Aschermann, C. AU - Gawlik, R. AU - Schinzel, S. AU - Holz, T. ED - Kirda, E. ED - Ristenpart, T. PY - 2017 DA - 2017// TI - kAFL: Hardware-assisted feedback fuzzing for OS kernels BT - 26th USENIX Security Symposium, USENIX Security 2017 PB - USENIX Association CY - Vancouver ID - Schumilo2017 ER - TY - CHAP AU - Serebryany, K. AU - Bruening, D. AU - Potapenko, A. AU - Vyukov, D. PY - 2012 DA - 2012// TI - Addresssanitizer: A fast address sanity checker BT - Proceeding USENIX ATC’12 Proceedings of the 2012 USENIX conference on Annual Technical Conference PB - USENIX Association CY - Berkeley ID - Serebryany2012 ER - TY - STD TI - Serebryany, K, Iskhodzhanov T (2009) Threadsanitizer: data race detection in practice In: Proceedings of the Workshop on Binary Instrumentation and Applications, 62–71. ID - ref28 ER - TY - STD TI - Shirey, RW (2000) Internet security glossary. https://tools.ietf.org/html/rfc2828. Accessed 25 Dec 2017. UR - https://tools.ietf.org/html/rfc2828 ID - ref29 ER - TY - STD TI - Stephenfewer (2016) Grinder. https://github.com/stephenfewer/grinder. Accessed 25 Dec 2017. UR - https://github.com/stephenfewer/grinder ID - ref30 ER - TY - STD TI - Stephens, N, Grosen J, Salls C, Dutcher A, Wang R, Corbetta J, Shoshitaishvili Y, Kruegel C, Vigna G (2016) Driller: Augmenting fuzzing through selective symbolic execution In: NDSS, volume 16, 1–16, San Diego. ID - ref31 ER - TY - BOOK AU - Sutton, M. AU - Greene, A. AU - Amini, P. PY - 2007 DA - 2007// TI - Fuzzing: brute force vulnerability discovery PB - Pearson Education CY - Upper Saddle River ID - Sutton2007 ER - TY - STD TI - Takanen, A, Demott JD, Miller C (2008) Fuzzing for software security testing and quality assurance. Artech House. ID - ref33 ER - TY - STD TI - The Clang Team (2017) Dataflowsanitizer. https://clang.llvm.org/docs/DataFlowSanitizerDesign.html. Accessed 25 Dec 2017. UR - https://clang.llvm.org/docs/DataFlowSanitizerDesign.html ID - ref34 ER - TY - STD TI - The Clang Team (2017) Leaksanitizer. https://clang.llvm.org/docs/LeakSanitizer.html. Accessed 25 Dec 2017. UR - https://clang.llvm.org/docs/LeakSanitizer.html ID - ref35 ER - TY - STD TI - Van Sprundel, I (2005) Fuzzing: Breaking software in an automated fashion. Decmember 8th. ID - ref36 ER - TY - STD TI - Vyukov, D (2015) Syzkaller. https://github.com/google/syzkaller. Accessed 25 Dec 2017. UR - https://github.com/google/syzkaller ID - ref37 ER - TY - CHAP AU - Wang, J. AU - Chen, B. AU - Wei, L. AU - Liu, Y. PY - 2017 DA - 2017// TI - Skyfire: Data-driven seed generation for fuzzing BT - Security and Privacy (SP), 2017 IEEE Symposium on PB - IEEE CY - San Jose ID - Wang2017 ER - TY - CHAP AU - Wang, S. AU - Nam, J. AU - Tan, L. PY - 2017 DA - 2017// TI - Qtep: quality-aware test case prioritization BT - Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering PB - ACM CY - New York ID - Wang2017 ER - TY - CHAP AU - Wang, T. AU - Wei, T. AU - Gu, G. AU - Zou, W. PY - 2010 DA - 2010// TI - Taintscope: A checksum-aware directed fuzzing tool for automatic software vulnerability detection BT - Security and privacy (SP) 2010 IEEE symposium on PB - IEEE CY - Berkeley UR - https://doi.org/10.1109/SP.2010.37 DO - 10.1109/SP.2010.37 ID - Wang2010 ER - TY - JOUR AU - Wichmann, B. A. AU - Canning, A. A. AU - Clutterbuck, D. L. AU - Winsborrow, L. A. AU - Ward, N. J. AU - Marsh, D. W. R. PY - 1995 DA - 1995// TI - Industrial perspective on static analysis JO - Softw Eng J VL - 10 UR - https://doi.org/10.1049/sej.1995.0010 DO - 10.1049/sej.1995.0010 ID - Wichmann1995 ER - TY - STD TI - Wikipedia, Wannacry ransomware attack (2017). https://en.wikipedia.org/wiki/WannaCry_ransomware_attack. Accessed 25 Dec 2017. UR - https://en.wikipedia.org/wiki/WannaCry_ransomware_attack ID - ref42 ER - TY - STD TI - Wikipedia (2017) Dynamic program analysis. https://en.wikipedia.org/wiki/Dynamic_program_analysis. Accessed 25 Dec 2017. UR - https://en.wikipedia.org/wiki/Dynamic_program_analysis ID - ref43 ER - TY - JOUR AU - Wu, Z. -. Y. AU - Wang, H. -. C. AU - Sun, L. -. C. AU - Pan, Z. -. L. AU - Liu, J. -. J. PY - 2010 DA - 2010// TI - Survey of fuzzing JO - Appl Res Comput VL - 27 ID - Wu2010 ER - TY - CHAP AU - Xu, W. AU - Kashyap, S. AU - Min, C. AU - Kim, T. PY - 2017 DA - 2017// TI - Designing new operating primitives to improve fuzzing performance BT - Proceeding CCS ’17 Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security PB - ACM CY - New York ID - Xu2017 ER - TY - JOUR AU - Yang, Q. AU - Li, J. J. AU - Weiss, D. M. PY - 2007 DA - 2007// TI - A survey of coverage-based testing tools JO - The Computer Journal VL - 52 UR - https://doi.org/10.1093/comjnl/bxm021 DO - 10.1093/comjnl/bxm021 ID - Yang2007 ER - TY - STD TI - Zalewski, M (2017) American fuzzy lop. http://lcamtuf.coredump.cx/afl/. Accessed 25 Dec 2017. UR - http://lcamtuf.coredump.cx/afl/ ID - ref47 ER - TY - STD TI - Zalewski, M (2017) Afl technical details. http://lcamtuf.coredump.cx/afl/technical_details.txt. Accessed 25 Dec 2017. UR - http://lcamtuf.coredump.cx/afl/technical_details.txt ID - ref48 ER - TY - STD TI - Zimmer, D (2013) Comraider. http://sandsprite.com/tools.php?id=16. Accessed 25 Dec 2017. UR - http://sandsprite.com/tools.php?id=16 ID - ref49 ER -