all InfoSec news
FishFuzz: Throwing Larger Nets to Catch Deeper Bugs. (arXiv:2207.13393v1 [cs.CR])
July 28, 2022, 1:20 a.m. | Han Zheng, Jiayuan Zhang, Yuhang Huang, Zezhong Ren, He Wang, Chunjie Cao, Yuqing Zhang, Flavio Toffalini, Mathias Payer
cs.CR updates on arXiv.org arxiv.org
Greybox fuzzing is the de-facto standard to discover bugs during development.
Fuzzers execute many inputs to maximize the amount of reached code. Recently,
Directed Greybox Fuzzers (DGFs) propose an alternative strategy that goes
beyond "just" coverage: driving testing toward specific code targets by
selecting "closer" seeds. DGFs go through different phases: exploration (i.e.,
reaching interesting locations) and exploitation (i.e., triggering bugs). In
practice, DGFs leverage coverage to directly measure exploration, while
exploitation is, at best, measured indirectly by alternating between …
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cyber Systems Administration
@ Peraton | Washington, DC, United States
Android Security Engineer, Public Sector
@ Google | Reston, VA, USA
Lead Electronic Security Engineer, CPP - Federal Facilities - Hybrid
@ Black & Veatch | Denver, CO, US
Profissional Sênior de Compliance & Validação em TI - Montes Claros (MG)
@ Novo Nordisk | Montes Claros, Minas Gerais, BR
Principal Engineer, Product Security Engineering
@ Google | Sunnyvale, CA, USA