Grammar-based whitebox fuzzing

  • Patrice Godefroid, Adam Kiezun, Michael Y. Levin
  • Published in PLDI '08 (2008)
  • Computer Science
  • Whitebox fuzzing is a form of automatic dynamic test generation, based on symbolic execution and constraint solving, designed for security testing of large applications. Unfortunately, the current effectiveness of whitebox fuzzing is limited when testing applications with highly structured inputs, such as compilers and interpreters. These applications process their inputs in stages, such as lexing, parsing and evaluation. Due to the enormous number of control paths in early processing stages…
    Superion: Grammar-Aware Greybox Fuzzing
    BlendFuzz: A Model-Based Framework for Fuzz Testing Programs with Grammatical Inputs
    Model-based whitebox fuzzing for program binaries
    DeepFuzz: Automatic Generation of Syntax Valid C Programs for Fuzz Testing
    NAUTILUS: Fishing for Deep Bugs with Grammars
