{"id":"https://openalex.org/W2766540688","doi":"https://doi.org/10.1145/3133956.3134020","title":"Directed Greybox Fuzzing","display_name":"Directed Greybox Fuzzing","publication_year":2017,"publication_date":"2017-10-27","ids":{"openalex":"https://openalex.org/W2766540688","doi":"https://doi.org/10.1145/3133956.3134020","mag":"2766540688"},"language":"en","primary_location":{"id":"doi:10.1145/3133956.3134020","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3133956.3134020","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005260100","display_name":"Marcel B\u00f6hme","orcid":"https://orcid.org/0000-0002-4470-1824"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":true,"raw_author_name":"Marcel B\u00f6hme","raw_affiliation_strings":["National University of Singapore, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"National University of Singapore, Singapore, Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056177929","display_name":"Van-Thuan Pham","orcid":"https://orcid.org/0000-0002-9871-3695"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Van-Thuan Pham","raw_affiliation_strings":["National University of Singapore, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"National University of Singapore, Singapore, Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021986995","display_name":"Manh-Dung Nguyen","orcid":"https://orcid.org/0000-0001-8760-3258"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Manh-Dung Nguyen","raw_affiliation_strings":["National University of Singapore, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"National University of Singapore, Singapore, Singapore","institution_ids":["https://openalex.org/I165932596"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5060115298","display_name":"Abhik Roychoudhury","orcid":"https://orcid.org/0000-0002-7127-1137"},"institutions":[{"id":"https://openalex.org/I165932596","display_name":"National University of Singapore","ror":"https://ror.org/01tgyzw49","country_code":"SG","type":"education","lineage":["https://openalex.org/I165932596"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Abhik Roychoudhury","raw_affiliation_strings":["National University of Singapore, Singapore, Singapore"],"affiliations":[{"raw_affiliation_string":"National University of Singapore, Singapore, Singapore","institution_ids":["https://openalex.org/I165932596"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5005260100"],"corresponding_institution_ids":["https://openalex.org/I165932596"],"apc_list":null,"apc_paid":null,"fwci":67.3046,"has_fulltext":false,"cited_by_count":702,"citation_normalized_percentile":{"value":0.999801,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"2329","last_page":"2344"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9937469959259033},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8409178853034973},{"id":"https://openalex.org/keywords/schedule","display_name":"Schedule","score":0.5870729684829712},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.48146572709083557},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4654895067214966},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.4275500774383545},{"id":"https://openalex.org/keywords/crash","display_name":"Crash","score":0.41449353098869324},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.21286731958389282},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.20628595352172852},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.13025018572807312}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9937469959259033},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8409178853034973},{"id":"https://openalex.org/C68387754","wikidata":"https://www.wikidata.org/wiki/Q7271585","display_name":"Schedule","level":2,"score":0.5870729684829712},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.48146572709083557},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4654895067214966},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.4275500774383545},{"id":"https://openalex.org/C183469790","wikidata":"https://www.wikidata.org/wiki/Q333501","display_name":"Crash","level":2,"score":0.41449353098869324},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.21286731958389282},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.20628595352172852},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.13025018572807312}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3133956.3134020","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3133956.3134020","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Affordable and clean energy","id":"https://metadata.un.org/sdg/7","score":0.8999999761581421}],"awards":[{"id":"https://openalex.org/G8090540882","display_name":null,"funder_award_id":"NRF2014NCR-NCR001-21","funder_id":"https://openalex.org/F4320320709","funder_display_name":"National Research Foundation Singapore"}],"funders":[{"id":"https://openalex.org/F4320320709","display_name":"National Research Foundation Singapore","ror":"https://ror.org/03cpyc314"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":47,"referenced_works":["https://openalex.org/W41435888","https://openalex.org/W116894366","https://openalex.org/W157156687","https://openalex.org/W1480909796","https://openalex.org/W1507845365","https://openalex.org/W1526710119","https://openalex.org/W1710734607","https://openalex.org/W1878544538","https://openalex.org/W1965335252","https://openalex.org/W1976878954","https://openalex.org/W2002934700","https://openalex.org/W2017828132","https://openalex.org/W2024060531","https://openalex.org/W2040935253","https://openalex.org/W2042033151","https://openalex.org/W2057891174","https://openalex.org/W2069661885","https://openalex.org/W2103552788","https://openalex.org/W2105983962","https://openalex.org/W2116622216","https://openalex.org/W2125152082","https://openalex.org/W2128006558","https://openalex.org/W2128985333","https://openalex.org/W2137530017","https://openalex.org/W2152565783","https://openalex.org/W2164649341","https://openalex.org/W2165751179","https://openalex.org/W2168625647","https://openalex.org/W2186070848","https://openalex.org/W2294434616","https://openalex.org/W2340281863","https://openalex.org/W2367183013","https://openalex.org/W2470989862","https://openalex.org/W2517087431","https://openalex.org/W2534135179","https://openalex.org/W2535617737","https://openalex.org/W2574017551","https://openalex.org/W2613534458","https://openalex.org/W2767389543","https://openalex.org/W3140804348","https://openalex.org/W4236799059","https://openalex.org/W4241778203","https://openalex.org/W4244413641","https://openalex.org/W4249100736","https://openalex.org/W4251988601","https://openalex.org/W4392251494","https://openalex.org/W6833780757"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W2766647240","https://openalex.org/W4385301282","https://openalex.org/W2990186179","https://openalex.org/W3203597304","https://openalex.org/W4248424560","https://openalex.org/W4210660460","https://openalex.org/W3119380829","https://openalex.org/W2521811015"],"abstract_inverted_index":{"Existing":[0],"Greybox":[1,43],"Fuzzers":[2],"(GF)":[3],"cannot":[4],"be":[5],"effectively":[6],"directed,":[7],"for":[8,88],"instance,":[9],"towards":[10,15,23],"problematic":[11],"changes":[12],"or":[13,19,22],"patches,":[14],"critical":[16],"system":[17],"calls":[18],"dangerous":[20],"locations,":[21],"functions":[24],"in":[25,144],"the":[26,50,82,125],"stack-trace":[27],"of":[28,52,57,115,127],"a":[29,54,66],"reported":[30],"vulnerability":[31],"that":[32,71,78,90,100],"we":[33,40],"wish":[34],"to":[35,76,81,117,136],"reproduce.":[36],"In":[37],"this":[38],"paper,":[39],"introduce":[41],"Directed":[42],"Fuzzing":[44],"(DGF)":[45],"which":[46],"generates":[47],"inputs":[48],"with":[49,95],"objective":[51],"reaching":[53],"given":[55],"set":[56],"target":[58,83],"program":[59],"locations":[60,84],"efficiently.":[61],"We":[62,112],"develop":[63],"and":[64,108,120,123],"evaluate":[65],"simulated":[67],"annealing-based":[68],"power":[69],"schedule":[70],"gradually":[72],"assigns":[73],"more":[74],"energy":[75,87],"seeds":[77,89],"are":[79,91],"closer":[80],"while":[85],"reducing":[86],"further":[92],"away.":[93],"Experiments":[94],"our":[96],"implementation":[97],"AFLGo":[98,128,139],"demonstrate":[99],"DGF":[101,116],"outperforms":[102],"both":[103],"directed":[104],"symbolic-execution-based":[105],"whitebox":[106],"fuzzing":[107,132],"undirected":[109],"greybox":[110],"fuzzing.":[111],"show":[113],"applications":[114],"patch":[118],"testing":[119],"crash":[121],"reproduction,":[122],"discuss":[124],"integration":[126],"into":[129],"Google's":[130],"continuous":[131],"platform":[133],"OSS-Fuzz.":[134],"Due":[135],"its":[137],"directedness,":[138],"could":[140],"find":[141],"39":[142],"bugs":[143],"several":[145],"well-fuzzed,":[146],"security-critical":[147],"projects":[148],"like":[149],"LibXML2.":[150],"17":[151],"CVEs":[152],"were":[153],"assigned.":[154]},"counts_by_year":[{"year":2026,"cited_by_count":12},{"year":2025,"cited_by_count":99},{"year":2024,"cited_by_count":113},{"year":2023,"cited_by_count":106},{"year":2022,"cited_by_count":95},{"year":2021,"cited_by_count":86},{"year":2020,"cited_by_count":79},{"year":2019,"cited_by_count":69},{"year":2018,"cited_by_count":41},{"year":2017,"cited_by_count":2}],"updated_date":"2026-04-11T08:14:18.477133","created_date":"2025-10-10T00:00:00"}