[1] |
Yu Zhao-hui.A picture to understand the overview of Chinas Internet network security situation in 2019 [J].Civil-Military Integration on Cyberspace,2020,35(4):29-30.(in Chinese)
|
[2] |
Microsoft security bulletin MS17-010-Critical|Microsoft Docs[EB/OL].[2020-10-23].https://docs.microsoft.com/en-us/securityupdates/sec-uritybulletins/2017/ms17-010.
|
[3] |
Liu B C, Shi L,Cai Z H,et al.Software vulnerability discovery techniques:A survey[C]∥Proc of the 4th International Conference on Multimedia Information Networking and Security,2012:152-156.
|
[4] |
Khedker U,Sanyal A,Sathe B.Data flow analysis:Theory and practice[M].Boca Raton:CRC Press,2017.
|
[5] |
Baldoni R,Coppa E,Delia D C,et al.A survey of symbolic execution techniques[J].ACM Computing Surveys,2018,51(3):1-39.
|
[6] |
Li J, Zhao B, Zhang C. Fuzzing: A survey[J]. Cybersecurity, 2018, 1(1): 1-13.
|
[7] |
Microsoft previews project Springfield,a cloud-based bug detector—The AI blog[EB/OL].[2020-10-22].https://blogs.microsoft.com/ai/microsoft-previews-project-springfield-cloud-based-bug-detector/.
|
[8] |
Serebryany K. Announcing OSS-Fuzz: Continuous fuzzing for open source software[EB/OL]. [2016-12-11].https://testing.googleblog.com/2016/12/announcing-oss-fuzz-continuous-fuzzing.html.
|
[9] |
Google online security blog: Open sourcing ClusterFuzz[EB/OL].[2020-10-23].https://security.googleblog.com/2019/02/open-sourcing-clusterfuzz.html.
|
[10] |
Project OneFuzz—Microsoft research[EB/OL].[2020-10-23].https://www.microsoft.com/en-us/research/project/project-onefuzz/.
|
[11] |
Wen C, Wang H J,Li Y K,et al.Memlock:Memory usage guided fuzzing[C]∥Proc of the 42nd International Conference on Software Engineering,2020:765-777.
|
[12] |
Nagy S,Hicks M.Full-speed fuzzing:Reducing fuzzing overhead through coverage-guided tracing[C]∥Proc of 2019 IEEE Symposium on Security and Privacy,2019:787-802.
|
[13] |
Zhou C, Wang M, Liang J, et al. Zeror: Speed up fuzzing with coverage-sensitive tracing and scheduling[C]//Proc of the 35th IEEE/ACM International Conference on Automated Software Engineering, 2020:858-870.
|
[14] |
Miller B. Project list[EB/OL]. [1988-12-10]. https://pages.cs.wisc.edu/~bart/fuzz/CS736-Projects-f1988.pdf.
|
[15] |
Zalewski M. American fuzzy lop[EB/OL]. [2014-12-11].https://lcamtuf.coredump.cx/afl/.
|
[16] |
Wang J J,Chen B H,Wei L,et al.Skyfire:Data-driven seed generation for fuzzing[C]∥Proc of 2017 IEEE Symposium on Security and Privacy,2017:579-594.
|
[17] |
Godefroid P, Peleg H, Singh R.Learn & fuzz:Machine learning for input fuzzing[C]∥Proc of the 32nd IEEE/ACM International Conference on Automated Software Engineering,2017:50-59.
|
[18] |
Bhme M, Pham V T,Roychoudhury A.Coverage-based greybox fuzzing as Markov chain[J].IEEE Transactions on Software Engineering,2017,45(5):489-506.
|
[19] |
Bhme M,Pham V T,Nguyen M D,et al.Directed greybox fuzzing[C]∥Proc of the 2017 ACM SIGSAC Conference on Computer and Communications Security,2017:2329-2344.
|
[20] |
Yue T, Wang P F, Tang Y, et al. EcoFuzz: Adaptive energy-saving greybox fuzzing as a variant of the adversarial multi-armed bandit[C]∥Proc of the 29th USENIX Security Symposium, 2020: 2307-2324.
|
[21] |
Rawat S,Jain V,Kumar A,et al.VUzzer:Application-aware evolutionary fuzzing[C]∥Proc of the 24th Annual Network and Distributed System Security Symposium,2017:1-14.
|
[22] |
Gan S T,Zhang C,Chen P,et al.GREYONE:Data flow sensitive fuzzing[C]∥Proc of the 29th USENIX Security Symposium,2020:2577-2594.
|
[23] |
Li He,Zhang Chao,Yang Xin,et al.Survey of OS kernel fuzzing[J].Journal of Chinese Computer Systems,2019,40(9):1994-1999.(in Chinese)
|
[24] |
Schumilo S, Aschermann C, Gawlik R, et al. kAFL: Hardware-assisted feedback fuzzing for OS kernels[C]∥Proc of the 26th USENIX Security Symposium, 2017:167-182.
|
[25] |
Kim K, Jeong D R, Kim C H, et al. HFL: Hybrid fuzzing on the Linux kernel[C]∥Proc of the 27th Annual Network and Distributed System Security Symposium, 2020:1.
|
[26] |
Jeong D R,Kim K,Shivakumar B,et al.Razzer:Finding kernel race bugs through fuzzing[C]∥Proc of 2019 IEEE Symposium on Security and Privacy,2019:754-768.
|
[27] |
Xu W,Moon H,Kashyap S,et al.Fuzzing file system via two-dimensional input space exploration[C]∥Proc of 2019 IEEE Symposium on Security and Privacy,2019:818-834.
|
[28] |
Schumilo S, Aschermann C,Abbasi A,et al.HYPER-CUBE:High-dimensional hypervisor fuzzing[C]∥Proc of the 27th Annual Network and Distributed System Security Symposium,2020:23-26.
|
[29] |
Zhong R,Chen Y,Hu H,et al.SQUIRREL:Testing database management systems with language validity and coverage feedback[C]∥Proc of the 2020 ACM SIGSAC Conference on Computer and Communications Security,2020:955-970.
|
[30] |
Kim T,Kim C H,Rhee J,et al.RVFUZZER:Finding input validation bugs in robotic vehicles through control-guided testing[C]∥Proc of the 28th USENIX Security Symposium,2019:425-442.
|
[31] |
Zhang G,Zhou X,Luo Y Q,et al.PTfuzz:Guided fuzzing with processor trace feedback[J].IEEE Access,2018,6:37302-37313.
|
[32] |
ClusterFuzz[EB/OL]. [2020-10-23].https://google.github.io/clusterfuzz/.
|
[33] |
Xu W,Kashyap S,Min C,et al.Designing new operating primitives to improve fuzzing performance[C]∥Proc of the 2017 ACM SIGSAC Conference on Computer and Communications Security,2017:2313-2328.
|
[34] |
Li Y,Feng C,Tang C.A large-scale parallel fuzzing system[C]∥Proc of the 2nd International Conference on Advances in Image Processing,2018:194-197.
|
[35] |
Ye J X,Zhang B,Li R L,et al.Program state sensitive parallel fuzzing for real world software[J].IEEE Access,2019,7:42557-42564.
|
[36] |
Li S S,Li R L,Ye J X,et al.Adaptive parallel fuzzing with multi-candidate task scheduling[J].Journal of Physics:Conference Series,2020,1619:012019.
|
[37] |
Liang J,Jiang Y,Chen Y L,et al.PAFL:Extend fuzzing optimizations of single mode to industrial parallel mode[C]∥Proc of the 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering,2018:809-814.
|
[38] |
Chen Y, Jiang Y,Ma F,et al.EnFuzz:Ensemble fuzzing with seed synchronization among diverse fuzzers[C]∥Proc of the 28th USENIX Security Symposium,2019:1967-1983.
|
[39] |
Güler E, Grz P, Geretto E, et al. CUPID: Automatic fuzzer selection for collaborative fuzzing[C]//Proc of Annual Computer Security Applications Conference, 2020:360-372.
|
[40] |
Serebryany K. libFuzzer–A library for coverage-guided fuzz testing[EB/OL]. [2015-12-11]. https://llvm.org/docs/LibFuzzer.html.
|
[41] |
Swiecki R. Honggfuzz[EB/OL].[2016-11-12].http://code.google.com/p/honggfuzz.
|
[42] |
Song C,Zhou X,Yin Q,et al.P-Fuzz:A parallel grey-box fuzzing framework[J].Applied Sciences,2019,9(23):5100.
|
[43] |
Zhou X,Wang P F,Liu C Y F,et al.UniFuzz:Optimizing distributed fuzzing via dynamic centralized task scheduling[J].arXiv:2009.06124,2020.
|
[44] |
Yan X.Using grid computing for large scale fuzzing[D].Lisbon:Universidade Nova de Lisboa,2010.
|
[45] |
Richo/Roving[EB/OL].[2020-10-23].https://github.com/richo/roving.
|
[46] |
MartijnB/disfuzz-afl:Distributed fuzzing for afl[EB/OL].[2020-10-23].https://github.com/MartijnB/disfuzz-afl.
|
[47] |
Mxmssh/manul:Manul is a coverage-guided parallel fuzzer for open-source and blackbox binaries on Windows,Linux and MacOS[EB/OL].[2020-10-23].https://github.com/mxmssh/manul.
|
[48] |
Stephens N, Grosen J,Salls C,et al.Driller:Augmenting fuzzing through selective symbolic execution[C]∥Proc of the 23rd Annual Network and Distributed System Security Symposium,2016:1-16.
|
[49] |
Yun I, Lee S, Xu M, et al. QSYM: A practical concolic execution engine tailored for hybrid fuzzing[C]∥Proc of the 27th USENIX Security Symposium,2018:745-761.
|
[50] |
Chen Y H,Li P,Xu J,et al.SAVIOR:Towards bug-driven hybrid testing[C]∥Proc of 2020 IEEE Symposium on Security and Privacy,2020:1580-1596.
|
[51] |
Lemieux C,Sen K.FairFuzz:A targeted mutation strategy for increasing greybox fuzz testing coverage[C]∥Proc of the 33rd ACM/IEEE International Conference on Automated Software Engineering,2018:475-485.
|
[52] |
Liang Hong-liang,Yang Xiao-yu, Dong Yu,et al.Parallel smart fuzzing test[J].Journal of Tsinghua University (Science and Technology),2014,54(1):14-19.(in Chinese)
|
[53] |
Li Y,Ji S,Chen Y,et al.UNIFUZZ:A holistic and pragmatic metrics-driven platform for evaluating fuzzers[J].arXiv:2010.01785,2020.
|
|
附中文参考文献:
|
[1] |
于朝晖.一图读懂《2019年我国互联网网络安全态势综述》[J].网信军民融合,2020,35(4):29-30.
|
[23] |
李贺,张超,杨鑫,等.操作系统内核模糊测试技术综述[J].小型微型计算机系统,2019,40(9):1994-1999.
|
[52] |
梁洪亮,阳晓宇,董钰,等.并行化智能模糊测试[J].清华大学学报(自然科学版),2014,54(1):14-19.
|