检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:Jun Li Bodong Zhao Chao Zhang
机构地区:[1]Tsinghua University,Beijing 100084,China
出 处:《Cybersecurity》2018年第1期80-92,共13页网络空间安全科学与技术(英文)
基 金:supported in part by the National Natural Science Foundation of China(Grant No.6177230861472209,and U1736209);Young Elite Scientists Spon-sorship Program by CAST(Grant No.2016QNRC001);award from Tsinghua Information Science And Technology National Laboratory.
摘 要:Security vulnerability is one of the root causes of cyber-security threats.To discover vulnerabilities and fix them in advance,researchers have proposed several techniques,among which fuzzing is the most widely used one.In recent years,fuzzing solutions,like AFL,have made great improvements in vulnerability discovery.This paper presents a summary of the recent advances,analyzes how they improve the fuzzing process,and sheds light on future work in fuzzing.Firstly,we discuss the reason why fuzzing is popular,by comparing different commonly used vulnerability discovery techniques.Then we present an overview of fuzzing solutions,and discuss in detail one of the most popular type of fuzzing,i.e.,coverage-based fuzzing.Then we present other techniques that could make fuzzing process smarter and more efficient.Finally,we show some applications of fuzzing,and discuss new trends of fuzzing and potential future directions.
关 键 词:Vulnerability discovery Software security FUZZING Coverage-based fuzzing
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.117.9.230
