{"id":"https://openalex.org/W2888617017","doi":"https://doi.org/10.1145/3270101.3270108","title":"Adaptive Grey-Box Fuzz-Testing with Thompson Sampling","display_name":"Adaptive Grey-Box Fuzz-Testing with Thompson Sampling","publication_year":2018,"publication_date":"2018-01-15","ids":{"openalex":"https://openalex.org/W2888617017","doi":"https://doi.org/10.1145/3270101.3270108","mag":"2888617017"},"language":"en","primary_location":{"id":"doi:10.1145/3270101.3270108","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3270101.3270108","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1808.08256","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066892638","display_name":"Siddharth Karamcheti","orcid":"https://orcid.org/0000-0003-2153-2455"},"institutions":[{"id":"https://openalex.org/I1299907687","display_name":"Bloomberg (United States)","ror":"https://ror.org/02rdpzb15","country_code":"US","type":"company","lineage":["https://openalex.org/I1299907687"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Siddharth Karamcheti","raw_affiliation_strings":["Bloomberg, New York, NY, USA"],"affiliations":[{"raw_affiliation_string":"Bloomberg, New York, NY, USA","institution_ids":["https://openalex.org/I1299907687"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003968629","display_name":"Gideon Mann","orcid":null},"institutions":[{"id":"https://openalex.org/I1299907687","display_name":"Bloomberg (United States)","ror":"https://ror.org/02rdpzb15","country_code":"US","type":"company","lineage":["https://openalex.org/I1299907687"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gideon Mann","raw_affiliation_strings":["Bloomberg, New York, NY, USA"],"affiliations":[{"raw_affiliation_string":"Bloomberg, New York, NY, USA","institution_ids":["https://openalex.org/I1299907687"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5026405650","display_name":"David S. Rosenberg","orcid":"https://orcid.org/0000-0002-4593-9340"},"institutions":[{"id":"https://openalex.org/I1299907687","display_name":"Bloomberg (United States)","ror":"https://ror.org/02rdpzb15","country_code":"US","type":"company","lineage":["https://openalex.org/I1299907687"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"David Rosenberg","raw_affiliation_strings":["Bloomberg, New York, NY, USA"],"affiliations":[{"raw_affiliation_string":"Bloomberg, New York, NY, USA","institution_ids":["https://openalex.org/I1299907687"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5066892638"],"corresponding_institution_ids":["https://openalex.org/I1299907687"],"apc_list":null,"apc_paid":null,"fwci":3.7098,"has_fulltext":false,"cited_by_count":31,"citation_normalized_percentile":{"value":0.9395218,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"37","last_page":"47"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12072","display_name":"Machine Learning and Algorithms","score":0.9817000031471252,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9768999814987183,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9957082271575928},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7717056274414062},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5483052730560303},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.4938274323940277},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4831659197807312},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.4331928789615631},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4204225242137909},{"id":"https://openalex.org/keywords/code-coverage","display_name":"Code coverage","score":0.4202449917793274},{"id":"https://openalex.org/keywords/sampling","display_name":"Sampling (signal processing)","score":0.41881227493286133},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3323635458946228},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.21904486417770386},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.1423155665397644}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9957082271575928},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7717056274414062},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5483052730560303},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.4938274323940277},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4831659197807312},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.4331928789615631},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4204225242137909},{"id":"https://openalex.org/C53942775","wikidata":"https://www.wikidata.org/wiki/Q1211721","display_name":"Code coverage","level":3,"score":0.4202449917793274},{"id":"https://openalex.org/C140779682","wikidata":"https://www.wikidata.org/wiki/Q210868","display_name":"Sampling (signal processing)","level":3,"score":0.41881227493286133},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3323635458946228},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.21904486417770386},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.1423155665397644},{"id":"https://openalex.org/C106131492","wikidata":"https://www.wikidata.org/wiki/Q3072260","display_name":"Filter (signal processing)","level":2,"score":0.0},{"id":"https://openalex.org/C31972630","wikidata":"https://www.wikidata.org/wiki/Q844240","display_name":"Computer vision","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3270101.3270108","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3270101.3270108","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 11th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:1808.08256","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1808.08256","pdf_url":"https://arxiv.org/pdf/1808.08256","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1808.08256","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1808.08256","pdf_url":"https://arxiv.org/pdf/1808.08256","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W32403112","https://openalex.org/W116894366","https://openalex.org/W157156687","https://openalex.org/W614438062","https://openalex.org/W1546956568","https://openalex.org/W1710734607","https://openalex.org/W1911551976","https://openalex.org/W2002934700","https://openalex.org/W2042033151","https://openalex.org/W2128128820","https://openalex.org/W2128985333","https://openalex.org/W2147976636","https://openalex.org/W2155539595","https://openalex.org/W2159899121","https://openalex.org/W2295974667","https://openalex.org/W2408027109","https://openalex.org/W2515236103","https://openalex.org/W2535617737","https://openalex.org/W2574017551","https://openalex.org/W2613534458","https://openalex.org/W2741068848","https://openalex.org/W2765363641","https://openalex.org/W2766540688","https://openalex.org/W2769748476","https://openalex.org/W2783428950","https://openalex.org/W2963064278","https://openalex.org/W2963723316","https://openalex.org/W3104664063"],"related_works":["https://openalex.org/W4313066017","https://openalex.org/W2297949281","https://openalex.org/W4381785649","https://openalex.org/W1964740600","https://openalex.org/W4226494072","https://openalex.org/W2884946294","https://openalex.org/W3091033583","https://openalex.org/W2991920445","https://openalex.org/W4283736421","https://openalex.org/W2914996832"],"abstract_inverted_index":{"Fuzz":[0],"testing,":[1],"or":[2],"\"fuzzing,\"":[3],"refers":[4],"to":[5,48],"a":[6,17,44,58,73,81,105,121,140],"widely":[7],"deployed":[8],"class":[9],"of":[10,19,25,108,135,155,166,180,200],"techniques":[11],"for":[12,21],"testing":[13],"programs":[14,130,170],"by":[15,70],"generating":[16],"set":[18,165],"inputs":[20,102,181],"the":[22,34,66,109,148,153,174],"express":[23],"purpose":[24],"finding":[26],"bugs":[27],"and":[28,94,160,188,193],"identifying":[29],"security":[30],"flaws.":[31],"Grey-box":[32],"fuzzing,":[33],"most":[35],"popular":[36],"fuzzing":[37,156],"strategy,":[38],"combines":[39],"light":[40],"program":[41,51,159],"instrumentation":[42],"with":[43],"data":[45],"driven":[46],"process":[47],"generate":[49],"new":[50,101],"inputs.":[52],"In":[53],"this":[54],"work,":[55],"we":[56,118,138],"present":[57],"machine":[59],"learning":[60,72,207],"approach":[61,145],"that":[62,120,146,172,182],"builds":[63],"on":[64,80],"AFL,":[65],"preeminent":[67],"grey-box":[68],"fuzzer,":[69],"adaptively":[71],"probability":[74],"distribution":[75,123,150,177],"over":[76,124],"its":[77],"mutation":[78,125],"operators":[79,126],"program-specific":[82],"basis.":[83],"These":[84],"operators,":[85],"which":[86],"are":[87,103,115],"selected":[88],"uniformly":[89],"at":[90],"random":[91],"in":[92,97],"AFL":[93,201],"mutational":[95,175],"fuzzers":[96],"general,":[98],"dictate":[99],"how":[100],"generated,":[104],"core":[106],"part":[107],"fuzzer's":[110],"efficacy.":[111],"Our":[112],"main":[113],"contributions":[114],"two-fold:":[116],"First,":[117],"show":[119],"sampling":[122],"estimated":[127],"from":[128],"training":[129],"can":[131],"significantly":[132,184],"improve":[133],"performance":[134],"AFL.":[136],"Second,":[137],"introduce":[139],"Thompson":[141],"Sampling,":[142],"bandit-based":[143],"optimization":[144],"fine-tunes":[147],"mutator":[149],"adaptively,":[151],"during":[152],"course":[154],"an":[157],"individual":[158],"outperforms":[161],"offline":[162],"training.":[163],"A":[164],"experiments":[167],"across":[168],"complex":[169],"demonstrates":[171],"tuning":[173],"operator":[176],"generates":[178],"sets":[179],"yield":[183],"higher":[185],"code":[186],"coverage":[187],"finds":[189],"more":[190,194],"crashes":[191],"faster":[192],"reliably":[195],"than":[196],"both":[197],"baseline":[198],"versions":[199],"as":[202,204],"well":[203],"other":[205],"AFL-based":[206],"approaches.":[208]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":8},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":2}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2025-10-10T00:00:00"}