Fuzzing: a survey

Fuzzing: a survey

Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements i...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Cybersecurity 2018-06, Vol.1 (1), p.1-13, Article 6
Hauptverfasser: Li, Jun, Zhao, Bodong, Zhang, Chao
Format: Artikel
Sprache:eng
Schlagworte:
Analysis
Computer Science
Coverage-based fuzzing
Cybersecurity
Data security
Fuzzing
Fuzzy logic
Internet security
Software security
Survey
System Security
Vulnerability discovery
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements in vulnerability discovery. This paper presents a summary of the recent advances, analyzes how they improve the fuzzing process, and sheds light on future work in fuzzing. Firstly, we discuss the reason why fuzzing is popular, by comparing different commonly used vulnerability discovery techniques. Then we present an overview of fuzzing solutions, and discuss in detail one of the most popular type of fuzzing, i.e., coverage-based fuzzing. Then we present other techniques that could make fuzzing process smarter and more efficient. Finally, we show some applications of fuzzing, and discuss new trends of fuzzing and potential future directions.
ISSN:2523-3246
2523-3246
DOI:10.1186/s42400-018-0002-y