SAND: Decoupling Sanitization from Fuzzing for Low Overhead | allinfosecnews.com

Feb. 27, 2024, 5:11 a.m. | Ziqiao Kong, Shaohua Li, Heqing Huang, Zhendong Su

cs.CR updates on arXiv.org arxiv.org

arXiv:2402.16497v1 Announce Type: new
Abstract: Sanitizers provide robust test oracles for various software vulnerabilities. Fuzzing on sanitizer-enabled programs has been the best practice to find software bugs. Since sanitizers need to heavily instrument a target program to insert run-time checks, sanitizer-enabled programs have much higher overhead compared to normally built programs. In this paper, we present SAND, a new fuzzing framework that decouples sanitization from the fuzzing loop. SAND performs fuzzing on a normally built program and only invokes sanitizer-enabled …

arxiv best practice bugs cs.cr cs.se find fuzzing higher low practice program run sanitizer sanitizers software software vulnerabilities target test vulnerabilities

More from arxiv.org / cs.CR updates on arXiv.org

PrivLM-Bench: A Multi-level Privacy Evaluation Benchmark for Language Models 2 days, 1 hour ago | arxiv.org

accessibility art arxiv attention +15

Provably Robust Cost-Sensitive Learning via Randomized Smoothing 2 days, 1 hour ago | arxiv.org

arxiv cost cs.cr cs.lg +1

WW-FL: Secure and Private Large-Scale Federated Learning 2 days, 1 hour ago | arxiv.org

arxiv attacks client cs.cr +28

Formalizing and Benchmarking Prompt Injection Attacks and Defenses 2 days, 1 hour ago | arxiv.org

arxiv attacks benchmarking cs.ai +9

SecureFalcon: Are We There Yet in Automated Software Vulnerability Detection with LLMs? 2 days, 1 hour ago | arxiv.org

adoption analysis applications arxiv +30

An Efficient and Multi-private Key Secure Aggregation for Federated Learning 2 days, 1 hour ago | arxiv.org

aggregation arxiv client cs.ai +21

How (not) to Build Quantum PKE in Minicrypt 2 days, 1 hour ago | arxiv.org

arxiv box build can +12

Computing Low-Entropy Couplings for Large-Support Distributions 2 days, 1 hour ago | arxiv.org

arxiv computing cs.cr cs.it +6

Unveiling and Mitigating Backdoor Vulnerabilities based on Unlearning Weight Changes and Backdoor Activeness 2 days, 1 hour ago | arxiv.org

arxiv attacks backdoor backdoor attacks +14

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com