A Survey of Research on Coverage-Guided Greybox Fuzzing
Owing to its simple deployment, high scalability, and success in detecting many real-world vulnerabilities, fuzz testing has attracted the attention of many academic researchers and industry engineers. Among fuzzing techniques, Coverage-guided Greybox Fuzzing (CGF) has become one of the most popular. It uses the coverage of the program under test as feedback information, which enables adequate software testing to be performed automatically and software quality to be ensured effectively. As a result, researchers have invested considerable effort into improving CGF, resulting in numerous achievements. However, there is still no systematic survey of the existing CGF research. For this reason, this paper analyzes the critical CGF research achievements of recent years, divides the CGF process into four stages (preprocessing, test case selection, test case evolution, and test case evaluation), and systematically summarizes the research progress in each stage. Furthermore, to address the inconsistency of evaluation settings in existing work, this paper provides statistics on the benchmarks, experimental settings, and evaluation metrics commonly used in the CGF field. Lastly, based on an analysis of current research progress, this paper discusses the limitations, potential solutions, and future research directions of CGF in its different stages, such as preprocessing and test case selection.
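As an added illustration (not code from the survey or from any fuzzer it covers), the following self-contained Python sketch wires the four stages named above into one minimal coverage-guided loop. The target program, its simulated edge instrumentation, the mutation operators and the power schedule are all constructed for this example; real CGF tools such as those the survey discusses instrument compiled binaries and use far richer schedules.

```python
import random

def target(data: bytes) -> tuple[frozenset, bool]:
    """Constructed toy target with simulated edge instrumentation: returns (edges hit, crashed)."""
    edges = {0}
    for i, byte in enumerate(b"FUZZ"):            # one edge per matched header byte
        if len(data) <= i or data[i] != byte:
            return frozenset(edges), False
        edges.add(i + 1)
    if len(data) > 4 and data[4] == 0x7F:         # the guarded "crash" site
        edges.add(5)
        return frozenset(edges), True
    return frozenset(edges), False

def mutate(rng: random.Random, data: bytes) -> bytes:
    """Stage 3, test case evolution: a few AFL-style mutation operators."""
    buf = bytearray(data) or bytearray(b"\x00")
    op, i = rng.randrange(4), rng.randrange(len(buf))
    if op == 0:   buf[i] ^= 1 << rng.randrange(8)        # flip one bit
    elif op == 1: buf[i] = rng.randrange(256)            # overwrite one byte
    elif op == 2: buf.append(rng.randrange(256))         # grow the input
    elif len(buf) > 1: del buf[i]                        # shrink the input
    return bytes(buf)

class Fuzzer:
    def __init__(self, seeds, rng_seed=0):
        self.rng, self.coverage = random.Random(rng_seed), set()
        self.corpus, self.crashes = [], []        # corpus: (input, edges) pairs
        for seed in seeds:                        # Stage 1, preprocessing: seeds that
            self.evaluate(seed)                   # add no coverage are discarded

    def evaluate(self, data: bytes) -> bool:
        """Stage 4, test case evaluation: keep the input only if it reaches new edges."""
        edges, crashed = target(data)
        if crashed: self.crashes.append(data)
        if not edges - self.coverage:
            return False
        self.coverage |= edges
        self.corpus.append((data, edges))
        return True

    def select(self) -> bytes:
        """Stage 2, test case selection: favour inputs that cover more edges."""
        weights = [len(edges) for _, edges in self.corpus]
        return self.rng.choices(self.corpus, weights=weights)[0][0]
    def run(self, iterations: int) -> int:
        for _ in range(iterations):               # the CGF loop; stops at the first crash
            self.evaluate(mutate(self.rng, self.select()))
            if self.crashes:
                break
        return len(self.coverage)                 # number of edges covered so far
```

Because every corpus entry must have added coverage, the corpus grows one header byte at a time toward the guarded site, which is exactly the feedback effect that makes CGF more effective than blind mutation.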