[1] Wikipedia. WannaCry ransomware attack[EB/OL].[2018-03-10]. https://en.wikipedia.org/wiki/WannaCry_ransomware_attack. [2] KHANDELWAL S. Critical flaw leaves thousands of Cisco switches vulnerable to remote hacking[EB/OL].[2018-03-10]. https://thehackernews.com/2018/04/cisco-switches-hacking.html. [3] MILLER B P, FREDRIKSEN L, SO B. An empirical study of the reliability of UNIX utilities[J]. Communications of the ACM, 1990, 33(12): 32-44. [4] OSS-Fuzz-Continuous fuzzing for open source software[EB/OL].[2018-03-10]. https://github.com/google/oss-fuzz. [5] Microsoft security development lifecycle[EB/OL].[2018-03-10]. https://www.microsoft.com/en-us/sdl/process/verification.aspx. [6] SHOSHITAISHVILI Y, WANG R, SALLS C, et al. SOK: (State of) the art of war: offensive techniques in binary analysis[C]// Proceedings of the 2016 IEEE Symposium on Security and Privacyn Security and Privacy. Piscataway, NJ: IEEE, 2016: 138-157. [7] ZALEWSKI M. American fuzzy lop (2.52b)[EB/OL].[2018-03-10]. http://lcamtuf.coredump.cx/afl/. [8] BÖHME M, PHAM V T, ROYCHOUDHURY A. Coverage-based greybox fuzzing as Markov chain[C]// Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2016: 1032-1043. [9] LEMIEUX C, SEN K. FairFuzz: a targeted mutation strategy for increasing greybox fuzz testing coverage[C]// Proceedings of the 2018 ACM/IEEE International Conference on Automated Software Engineering. Piscataway, NJ: IEEE, 2018: 475-485. [10] CADAR C, SEN K. Symbolic execution for software testing: three decades later[J].Communications of the ACM, 2013, 56(2): 82-90. [11] LIANG H L, PEI X X, JIA X D, et al. Fuzzing: state of the art[J]. IEEE Transactions on Reliability, 2018, 67(3): 1199-1218. [12] GAN S T, ZHANG C, QIN X J, et al. CollAFL: path sensitive fuzzing[C]// Proceedings of the 2018 IEEE Symposium on Security and Privacy. Piscataway, NJ: IEEE, 2018: 679-696. [13] PENG H, SHOSHITAISHVILI Y, PAYER M. T-Fuzz: fuzzing by program transformation[C]// Proceedings of the 2018 IEEE Symposium on Security and Privacy. Piscataway, NJ: IEEE, 2018: 697-710. [14] PHAM V T, ROYCHOUDHURY A. Model-based whitebox fuzzing for program binaries[C]// Proceedings of the 2016 IEEE/ACM International Conference on Automated Software Engineering. Piscataway, NJ: IEEE, 2016: 543-553. [15] RAWAT S, JAIN V, KUMAR A, et al. VUzzer: application-aware evolutionary fuzzing[EB/OL].[2018-03-20].https://mirror.explodie.org/3714.pdf. [16] 张斌, 李孟君, 吴波, 等. 基于动态污点分析的二进制程序导向性模糊测试方法[J]. 现代电子技术, 2014, 37(19): 89-94. (ZHANG B, LI M J, WU B, et al. Method of binary oriented fuzzy testing based on dynamic taint analysis[J]. Modern Electronics Technique, 2014, 37(19): 89-94.) [17] 王铁磊. 面向二进制程序的漏洞挖掘关键技术研究[D]. 北京:北京大学, 2011: 41-69. (WANG T L. Research on binary-executable-oriented software vulnerability detection[D]. Beijing: Peking University, 2011: 41-69.) [18] STEPHENS N, GROSEN J, SALLS C, et al. Driller: augmenting fuzzing through selective symbolic execution[EB/OL].[2018-03-20].http://www.cs.ucsb.edu/~chris/research/doc/ndss16_driller.pdf. [19] LI Y K, CHEN B H, CHANDRAMOHAN M, et al. Steelix: program-state based binary fuzzing[C]// Proceedings of the 2017 Joint Meeting on Foundations of Software Engineering. New York: ACM, 2017: 627-637. [20] CHEN P, CHEN H. Angora: efficient fuzzing by principled search[C]// Proceedings of the 2018 IEEE Symposium on Security and Privacy. Piscataway, NJ: IEEE, 2018: 697-710. [21] ZALEWSKI M. Technical "whitepaper" for AFL-fuzz[EB/OL].[2018-03-20]. http://lcamtuf.coredump.cx/afl/technical_details.txt. [22] Paradyn/Dyninst-Welcome[EB/OL].[2018-03-20]. https://dyninst.org/. [23] DOLANGAVITT B, HULIN P, KIRDA E, et al. LAVA: large-scale automated vulnerability addition[C]// Proceedings of the 2016 IEEE Symposium on Security and Privacy. Piscataway, NJ: IEEE, 2016: 110-121. |