Open Access iconOpen Access

REVIEW

crossmark

Fuzzing: Progress, Challenges, and Perspectives

Zhenhua Yu1, Zhengqi Liu1, Xuya Cong1,*, Xiaobo Li2, Li Yin3

1 Institute of Systems Security and Control, College of Computer Science and Technology, Xi’an University of Science and Technology, Xi’an, 710054, China
2 School of Mathematics and Information Science, Baoji University of Arts and Sciences, Baoji, 721013, China
3 Institute of Systems Engineering, Macau University of Science and Technology, Taipa, Macau, China

* Corresponding Author: Xuya Cong. Email: email

Computers, Materials & Continua 2024, 78(1), 1-29. https://doi.org/10.32604/cmc.2023.042361

Abstract

As one of the most effective techniques for finding software vulnerabilities, fuzzing has become a hot topic in software security. It feeds potentially syntactically or semantically malformed test data to a target program to mine vulnerabilities and crash the system. In recent years, considerable efforts have been dedicated by researchers and practitioners towards improving fuzzing, so there are more and more methods and forms, which make it difficult to have a comprehensive understanding of the technique. This paper conducts a thorough survey of fuzzing, focusing on its general process, classification, common application scenarios, and some state-of-the-art techniques that have been introduced to improve its performance. Finally, this paper puts forward key research challenges and proposes possible future research directions that may provide new insights for researchers.

Keywords


Cite This Article

Z. Yu, Z. Liu, X. Cong, X. Li and L. Yin, "Fuzzing: progress, challenges, and perspectives," Computers, Materials & Continua, vol. 78, no.1, pp. 1–29, 2024.



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 729

    View

  • 243

    Download

  • 0

    Like

Share Link