Write a Blog >>
ICSE 2020
Wed 24 June - Thu 16 July 2020
Thu 9 Jul 2020 07:44 - 07:52 at Baekje - I13-Testing and Debugging 1 Chair(s): Shin Hwei Tan

Among the many software testing techniques available today, \emph{fuzzing} has remained highly popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of empirical evidence in discovering real-world software vulnerabilities.

Our survey shows the fuzzing community is extremely vibrant. The recent surge of work by researchers and practitioners alike has made it difficult to gain a comprehensive and coherent view of fuzzing. Thus, it is easy to lose track of the design decisions and potentially important tweaks performed in each tool and paper. Furthermore, there has been an observable fragmentation in the terminology used by various fuzzers. For example, test case “minimization” and “reduction” are often used interchangeably. Such fragmentation makes it difficult to discover and disseminate knowledge and may severely hinder the progress in fuzzing research in the long run.

To help preserve and bring coherence to the vast literature of fuzzing, this paper presented a unified, general-purpose model of fuzzing together with a taxonomy of the current literature. Our terminology is chosen to closely reflect the current predominant usages, and our model is designed to suit a large number of fuzzing tasks. We surveyed academic papers from the major Security and Software Engineering conferences in the last 10 years, as well as projects having more than 100 stars on GitHub. The paper methodically explores the design decisions at every stage of the model by surveying the related literature and innovations that make modern-day fuzzers effective.

Thu 9 Jul
Times are displayed in time zone: (UTC) Coordinated Universal Time change

07:00 - 08:00: I13-Testing and Debugging 1Paper Presentations / Demonstrations / Technical Papers / Software Engineering in Practice / Journal First at Baekje
Chair(s): Shin Hwei TanSouthern University of Science and Technology
07:00 - 07:12
Talk
Technical Papers
Antonia BertolinoCNR-ISTI, Antonio GuerrieroUniversità di Napoli Federico II, Breno MirandaFederal University of Pernambuco, Roberto PietrantuonoUniversità di Napoli Federico II, Stefano RussoUniversità di Napoli Federico II
07:12 - 07:24
Talk
Technical Papers
Lukas KirschnerSaarland University, Ezekiel O. SoremekunCISPA Helmholtz Center for Information Security, Andreas ZellerCISPA Helmholtz Center for Information Security
Link to publication DOI Pre-print
07:24 - 07:36
Talk
Software Engineering in Practice
Mingyu ParkLG Electronics, Hoon JangHyundai Motor Company, Taejoon ByunUniversity of Minnesota, Yunja ChoiKyungpook National University
Pre-print
07:36 - 07:44
Talk
Journal First
Sangameshwar PatilDept. of CSE, IIT Madras and TRDDC, TCS, Balaraman RavindranIIT Madras
07:44 - 07:52
Talk
Journal First
Valentin ManèsCSRC, KAIST, HyungSeok HanKAIST, Choongwoo HanNAVER Corporation, Sang Kil ChaKAIST, Manuel EgeleBoston University, USA, Edward SchwartzCarnegie Mellon University, Maverick WooCarnegie Mellon University
07:52 - 07:55
Talk
Demonstrations
Yung-Pin ChengNational Central University, Wei-Nien HsiungNational Central University, Yu-Shan WuIsCoollab Co. Ltd, Li-Hsuan ChenIsCoollab Co. Ltd