Driller: Augmenting Fuzzing Through Selective Symbolic Execution

Stephens, Nick; Grosen, John; Salls, Christopher; Dutcher, Andrew; Wang, Ruoyu; Corbetta, Jacopo; Shoshitaishvili, Yan; Kruegel, Christopher; Vigna, Giovanni

doi:10.14722/ndss.2016.23368

articleJan 1, 2016GOLD OA

Driller: Augmenting Fuzzing Through Selective Symbolic Execution

NSNick Stephens JGJohn Grosen CSChristopher Salls ADAndrew Dutcher RWRuoyu Wang

University of California, Santa Barbara

Indexed incrossref

Abstract

Memory corruption vulnerabilities are an everpresent risk in software, which attackers can exploit to obtain unauthorized access to confidential information. As products with access to sensitive data are becoming more prevalent, the number of potentially exploitable systems is also increasing, resulting in a greater need for automated software vetting tools. DARPA recently funded a competition, with millions of dollars in prize money, to further research focusing on automated vulnerability finding and patching, showing the importance of research in this area. Current techniques for finding potential bugs include static, dynamic, and concolic analysis systems, which each having their own advantages and…

Citation impact

875

total citations

FWCI: 130.80
Percentile: 100%
References: 29

Citations per year

Authors

9

Topics & keywords

Topics

Keywords

Fuzz testing
Concolic testing
Computer science
Exploit
Executable
Software bug
Symbolic execution
Computer security

No related works found for this paper.