{"id":"https://openalex.org/W4288057797","doi":"https://doi.org/10.1109/sp46214.2022.9833594","title":"PATA: Fuzzing with Path Aware Taint Analysis","display_name":"PATA: Fuzzing with Path Aware Taint Analysis","publication_year":2022,"publication_date":"2022-05-01","ids":{"openalex":"https://openalex.org/W4288057797","doi":"https://doi.org/10.1109/sp46214.2022.9833594"},"language":"en","primary_location":{"id":"doi:10.1109/sp46214.2022.9833594","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833594","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013553880","display_name":"Jie Liang","orcid":"https://orcid.org/0000-0002-9616-950X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Jie Liang","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100630730","display_name":"Mingzhe Wang","orcid":"https://orcid.org/0000-0002-2153-6766"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mingzhe Wang","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004909890","display_name":"Chijin Zhou","orcid":"https://orcid.org/0000-0002-6446-247X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chijin Zhou","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102869280","display_name":"Zhiyong Wu","orcid":"https://orcid.org/0000-0001-8533-0524"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiyong Wu","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060117799","display_name":"Yu Jiang","orcid":"https://orcid.org/0000-0003-0955-503X"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yu Jiang","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100693298","display_name":"Jianzhong Liu","orcid":"https://orcid.org/0000-0003-3612-4315"},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jianzhong Liu","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100462349","display_name":"Zhe Liu","orcid":"https://orcid.org/0000-0001-9116-2897"},"institutions":[{"id":"https://openalex.org/I9842412","display_name":"Nanjing University of Aeronautics and Astronautics","ror":"https://ror.org/01scyh794","country_code":"CN","type":"education","lineage":["https://openalex.org/I9842412"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhe Liu","raw_affiliation_strings":["Nanjing University of Aeronautics and Astronautics,Computer Science and Technology,Nanjing,China","Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Nanjing University of Aeronautics and Astronautics,Computer Science and Technology,Nanjing,China","institution_ids":["https://openalex.org/I9842412"]},{"raw_affiliation_string":"Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China","institution_ids":["https://openalex.org/I9842412"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101085483","display_name":"Jiaguang Sun","orcid":null},"institutions":[{"id":"https://openalex.org/I99065089","display_name":"Tsinghua University","ror":"https://ror.org/03cve4549","country_code":"CN","type":"education","lineage":["https://openalex.org/I99065089"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiaguang Sun","raw_affiliation_strings":["Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","School of Software, Tsinghua University, KLISS, BNRist, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Tsinghua University, KLISS, BNRist,School of Software,Beijing,China","institution_ids":["https://openalex.org/I99065089"]},{"raw_affiliation_string":"School of Software, Tsinghua University, KLISS, BNRist, Beijing, China","institution_ids":["https://openalex.org/I99065089"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5013553880"],"corresponding_institution_ids":["https://openalex.org/I99065089"],"apc_list":null,"apc_paid":null,"fwci":6.8045,"has_fulltext":false,"cited_by_count":64,"citation_normalized_percentile":{"value":0.97555012,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"17"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10142","display_name":"Formal Methods in Verification","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1703","display_name":"Computational Theory and Mathematics"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9160076379776001},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6111603379249573},{"id":"https://openalex.org/keywords/path","display_name":"Path (computing)","score":0.5943300724029541},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.5188359022140503},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.13809606432914734}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9160076379776001},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6111603379249573},{"id":"https://openalex.org/C2777735758","wikidata":"https://www.wikidata.org/wiki/Q817765","display_name":"Path (computing)","level":2,"score":0.5943300724029541},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.5188359022140503},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.13809606432914734},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/sp46214.2022.9833594","is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp46214.2022.9833594","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE Symposium on Security and Privacy (SP)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/17","display_name":"Partnerships for the goals","score":0.4300000071525574}],"awards":[],"funders":[{"id":"https://openalex.org/F4320337504","display_name":"Research and Development","ror":"https://ror.org/027s68j25"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W116656696","https://openalex.org/W1507845365","https://openalex.org/W1710734607","https://openalex.org/W1878544538","https://openalex.org/W1976878954","https://openalex.org/W2002934700","https://openalex.org/W2101512909","https://openalex.org/W2113864883","https://openalex.org/W2128985333","https://openalex.org/W2535617737","https://openalex.org/W2574017551","https://openalex.org/W2613534458","https://openalex.org/W2757104921","https://openalex.org/W2888875512","https://openalex.org/W2927166905","https://openalex.org/W2947182139","https://openalex.org/W2964097210","https://openalex.org/W2965536399","https://openalex.org/W2998321643","https://openalex.org/W3008477014","https://openalex.org/W3048197573","https://openalex.org/W3049474072","https://openalex.org/W3104664063","https://openalex.org/W4244413641","https://openalex.org/W6604712768","https://openalex.org/W6630124987","https://openalex.org/W6637688222","https://openalex.org/W6639560864","https://openalex.org/W6672159976","https://openalex.org/W6753913213","https://openalex.org/W6760770843","https://openalex.org/W6766204418","https://openalex.org/W6771896344","https://openalex.org/W6781883526","https://openalex.org/W6782130387"],"related_works":["https://openalex.org/W2008592783","https://openalex.org/W2179304688","https://openalex.org/W2159690530","https://openalex.org/W2004278744","https://openalex.org/W2107510936","https://openalex.org/W2027779752","https://openalex.org/W2893160992","https://openalex.org/W2620797757","https://openalex.org/W4294294414","https://openalex.org/W2962825342"],"abstract_inverted_index":{"Taint":[0],"analysis":[1,37,166],"assists":[2],"fuzzers":[3,195,236],"in":[4,17,25,92,140,153,200],"solving":[5],"complex":[6],"fuzzing":[7],"constraints":[8,24,93,152],"by":[9,196],"inferring":[10],"the":[11,47,71,76,84,96,115,123,133,141,146,154,159,173,201,219,230],"influencing":[12,134],"input":[13,135,148],"bytes.":[14],"Execution":[15],"paths":[16,205],"real-world":[18],"programs":[19],"often":[20],"reach":[21],"loops,":[22],"where":[23],"these":[26,193],"loops":[27],"can":[28],"be":[29],"visited":[30],"and":[31,94,109,126,177,186,198,207,237],"recorded":[32],"multiple":[33,44,68],"times.":[34],"Conventional":[35],"taint":[36,61,165],"techniques":[38],"experience":[39],"difficulties":[40],"when":[41],"distinguishing":[42],"between":[43,67],"occurrences":[45,69,103],"of":[46,70,102,104,122,161,203,233,252],"same":[48,72],"constraint.":[49],"In":[50],"this":[51],"paper,":[52],"we":[53,168],"propose":[54],"PATA,":[55],"a":[56],"fuzzer":[57],"that":[58,65,121],"implements":[59],"path-aware":[60],"analysis,":[62],"i.e.":[63],"one":[64],"distinguishes":[66],"variable":[73],"based":[74],"on":[75,172],"execution":[77],"path":[78],"information.":[79],"PATA":[80,88,113,144,162,191,228,244],"does":[81],"so":[82],"using":[83],"following":[85],"steps.":[86],"First,":[87],"identifies":[89],"variables":[90,108],"used":[91],"constructs":[95],"Representative":[97],"Variable":[98],"Sequence":[99],"(RVS),":[100],"consisting":[101],"all":[105,234],"representative":[106],"constraint":[107],"their":[110],"values.":[111],"Next,":[112],"perturbs":[114],"input,":[116,125],"matches":[117],"its":[118,170],"RVS":[119],"with":[120,250],"original":[124],"looks":[127],"for":[128,137],"value":[129],"changes":[130],"to":[131,150],"identify":[132],"bytes":[136,149],"each":[138],"entry":[139],"RVS.":[142],"Finally,":[143],"mutates":[145],"corresponding":[147],"solve":[151],"given":[155],"path.":[156],"To":[157],"demonstrate":[158],"effectiveness":[160],"over":[163],"conventional":[164],"methods,":[167],"evaluated":[169,235],"performance":[171],"benchmarks":[174],"Google\u2019s":[175,189],"fuzzer-test-suite":[176],"LAVA-M":[178],"against":[179],"AFL,":[180],"MOPT,":[181],"TortoriseFuzz,":[182],"VUzzer,":[183],"Angora,":[184],"Redqueen,":[185],"Greyone.":[187],"On":[188,226,241],"fuzzer-test-suite,":[190],"outperformed":[192],"state-of-the-art":[194],"29%\u20131830%":[197],"7%\u201387%":[199],"number":[202],"unique":[204],"found":[206,215,238,245],"basic":[208],"blocks":[209],"covered,":[210],"respectively.":[211],"More":[212],"importantly,":[213],"it":[214],"more":[216],"bugs":[217],"than":[218],"comparison":[220],"fuzzers,":[221],"including":[222],"17":[223],"unlisted":[224],"ones.":[225],"LAVA-M,":[227],"performed":[229],"best":[231],"out":[232],"2602":[239],"bugs.":[240],"open-source":[242],"projects,":[243],"40":[246],"previously":[247],"unknown":[248],"bugs,":[249],"12":[251],"them":[253],"confirmed":[254],"as":[255],"CVEs.":[256]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":16},{"year":2024,"cited_by_count":21},{"year":2023,"cited_by_count":23},{"year":2022,"cited_by_count":3}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2025-10-10T00:00:00"}