{"id":"https://openalex.org/W4387803006","doi":"https://doi.org/10.1145/3611019","title":"Boosting Fuzzer Efficiency: An Information Theoretic Perspective","display_name":"Boosting Fuzzer Efficiency: An Information Theoretic Perspective","publication_year":2023,"publication_date":"2023-10-20","ids":{"openalex":"https://openalex.org/W4387803006","doi":"https://doi.org/10.1145/3611019"},"language":"en","primary_location":{"id":"doi:10.1145/3611019","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3611019","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3611019","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3611019","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005260100","display_name":"Marcel B\u00f6hme","orcid":"https://orcid.org/0000-0002-4470-1824"},"institutions":[{"id":"https://openalex.org/I4210096592","display_name":"Max Planck Institute for Security and Privacy","ror":"https://ror.org/00bj0r217","country_code":"DE","type":"facility","lineage":["https://openalex.org/I149899117","https://openalex.org/I4210096592"]},{"id":"https://openalex.org/I56590836","display_name":"Monash University","ror":"https://ror.org/02bfwt286","country_code":"AU","type":"education","lineage":["https://openalex.org/I56590836"]}],"countries":["AU","DE"],"is_corresponding":true,"raw_author_name":"Marcel B\u00f6hme","raw_affiliation_strings":["MPI-SP, Germany; Monash University, Australia","Monash University, Australia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"MPI-SP, Germany; Monash University, Australia","institution_ids":["https://openalex.org/I4210096592","https://openalex.org/I56590836"]},{"raw_affiliation_string":"Monash University, Australia","institution_ids":["https://openalex.org/I56590836"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003156582","display_name":"Valentin J. M. Man\u00e8s","orcid":"https://orcid.org/0000-0002-2932-5568"},"institutions":[{"id":"https://openalex.org/I157485424","display_name":"Korea Advanced Institute of Science and Technology","ror":"https://ror.org/05apxxy63","country_code":"KR","type":"education","lineage":["https://openalex.org/I157485424"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Valentin J. M. Man\u00e8s","raw_affiliation_strings":["CSRC, KAIST, Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CSRC, KAIST, Korea","institution_ids":["https://openalex.org/I157485424"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5031854438","display_name":"Sang Kil","orcid":"https://orcid.org/0000-0002-6012-7228"},"institutions":[{"id":"https://openalex.org/I157485424","display_name":"Korea Advanced Institute of Science and Technology","ror":"https://ror.org/05apxxy63","country_code":"KR","type":"education","lineage":["https://openalex.org/I157485424"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Sang Kil Cha","raw_affiliation_strings":["CSRC, KAIST, Korea"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"CSRC, KAIST, Korea","institution_ids":["https://openalex.org/I157485424"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5005260100"],"corresponding_institution_ids":["https://openalex.org/I4210096592","https://openalex.org/I56590836"],"apc_list":null,"apc_paid":null,"fwci":0.6355,"has_fulltext":true,"cited_by_count":3,"citation_normalized_percentile":{"value":0.7715847,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"66","issue":"11","first_page":"89","last_page":"97"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9826980829238892},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7769199013710022},{"id":"https://openalex.org/keywords/boosting","display_name":"Boosting (machine learning)","score":0.495641827583313},{"id":"https://openalex.org/keywords/probabilistic-logic","display_name":"Probabilistic logic","score":0.49024873971939087},{"id":"https://openalex.org/keywords/entropy","display_name":"Entropy (arrow of time)","score":0.4874558448791504},{"id":"https://openalex.org/keywords/schedule","display_name":"Schedule","score":0.44969117641448975},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.3807166814804077},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.36596131324768066},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.36024153232574463},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.33791691064834595},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.1438109278678894}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9826980829238892},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7769199013710022},{"id":"https://openalex.org/C46686674","wikidata":"https://www.wikidata.org/wiki/Q466303","display_name":"Boosting (machine learning)","level":2,"score":0.495641827583313},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.49024873971939087},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.4874558448791504},{"id":"https://openalex.org/C68387754","wikidata":"https://www.wikidata.org/wiki/Q7271585","display_name":"Schedule","level":2,"score":0.44969117641448975},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3807166814804077},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.36596131324768066},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.36024153232574463},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.33791691064834595},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.1438109278678894},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3611019","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3611019","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3611019","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3611019","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3611019","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3611019","source":{"id":"https://openalex.org/S103482838","display_name":"Communications of the ACM","issn_l":"0001-0782","issn":["0001-0782","1557-7317"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Communications of the ACM","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Affordable and clean energy","id":"https://metadata.un.org/sdg/7","score":0.4300000071525574}],"awards":[{"id":"https://openalex.org/G3345848380","display_name":null,"funder_award_id":"DE190100046","funder_id":"https://openalex.org/F4320334704","funder_display_name":"Australian Research Council"},{"id":"https://openalex.org/G3756510953","display_name":null,"funder_award_id":"2019-0-01697","funder_id":"https://openalex.org/F4320328359","funder_display_name":"Ministry of Science and ICT, South Korea"}],"funders":[{"id":"https://openalex.org/F4320328359","display_name":"Ministry of Science and ICT, South Korea","ror":"https://ror.org/01wpjm123"},{"id":"https://openalex.org/F4320331131","display_name":"Australian Research Data Commons","ror":null},{"id":"https://openalex.org/F4320334704","display_name":"Australian Research Council","ror":"https://ror.org/05mmh0f86"},{"id":"https://openalex.org/F4320335489","display_name":"Institute for Information and Communications Technology Promotion","ror":"https://ror.org/01g0hqq23"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4387803006.pdf","grobid_xml":"https://content.openalex.org/works/W4387803006.grobid-xml"},"referenced_works_count":21,"referenced_works":["https://openalex.org/W1517637393","https://openalex.org/W1990414292","https://openalex.org/W1995875735","https://openalex.org/W2050238751","https://openalex.org/W2067416361","https://openalex.org/W2088917779","https://openalex.org/W2106065105","https://openalex.org/W2106235393","https://openalex.org/W2138428785","https://openalex.org/W2242274110","https://openalex.org/W2340281863","https://openalex.org/W2582998992","https://openalex.org/W2912296587","https://openalex.org/W2963147982","https://openalex.org/W2964241064","https://openalex.org/W2979357014","https://openalex.org/W3099627437","https://openalex.org/W3101845936","https://openalex.org/W3194771370","https://openalex.org/W3195980781","https://openalex.org/W6672652581"],"related_works":["https://openalex.org/W2511770387","https://openalex.org/W3120811337","https://openalex.org/W3203597304","https://openalex.org/W2990186179","https://openalex.org/W4248424560","https://openalex.org/W4385301282","https://openalex.org/W3023977444","https://openalex.org/W2766647240","https://openalex.org/W4210660460","https://openalex.org/W3119380829"],"abstract_inverted_index":{"In":[0],"this":[1,43,134],"paper,":[2],"we":[3,17,37,49,107,138],"take":[4],"the":[5,21,33,46,52,96,99,118,123,161,200,204],"fundamental":[6],"perspective":[7],"of":[8,23,66,75,98,105,218],"fuzzing":[9,147,216],"as":[10,203],"a":[11,24,56,102,178],"learning":[12],"process.":[13],"Suppose":[14],"before":[15],"fuzzing,":[16,106],"know":[18],"nothing":[19],"about":[20,68,95],"behaviors":[22,97],"program":[25],"P":[26,40,69],":":[27],"What":[28],"does":[29],"it":[30,116],"do?":[31],"Executing":[32,45],"first":[34],"test":[35,93],"input,":[36,48],"learn":[38],"how":[39,86,109],"behaves":[41],"for":[42,145],"input.":[44],"next":[47],"either":[50],"observe":[51],"same":[53],"or":[54],"discover":[55],"new":[57,126],"behavior.":[58],"As":[59],"such,":[60],"each":[61,91],"execution":[62],"reveals":[63],"\"some":[64],"amount\"":[65],"information":[67,76,135],"'s":[70],"behaviors.":[71,127],"A":[72],"classic":[73],"measure":[74],"is":[77,88],"Shannon's":[78],"entropy.":[79],"Measuring":[80],"entropy":[81,110],"allows":[82],"us":[83],"to":[84,152],"quantify":[85],"much":[87],"learned":[89],"from":[90],"generated":[92],"input":[94],"program.":[100],"Within":[101],"probabilistic":[103],"model":[104],"show":[108],"also":[111],"measures":[112,117],"fuzzer":[113,124,164,189],"efficiency.":[114],"Specifically,":[115],"general":[119],"rate":[120],"at":[121],"which":[122],"discovers":[125],"Intuitively,":[128],"efficient":[129,188],"fuzzers":[130],"maximize":[131,155],"information.":[132,156,191],"From":[133],"theoretic":[136],"perspective,":[137],"develop":[139],"ENTROPIC,":[140],"an":[141,187],"entropy-based":[142],"power":[143,206],"schedule":[144],"greybox":[146,163],"that":[148,154,186],"assigns":[149],"more":[150,169,212],"energy":[151],"seeds":[153],"We":[157],"implemented":[158],"ENTROPIC":[159,192,208],"into":[160,199],"popular":[162],"LIBFUZZER.":[165],"Our":[166],"experiments":[167],"with":[168],"than":[170,213],"250":[171],"open-source":[172],"programs":[173],"(60":[174],"million":[175],"LoC)":[176],"demonstrate":[177],"substantially":[179],"improved":[180],"efficiency":[181],"and":[182,197,223],"confirm":[183],"our":[184],"hypothesis":[185],"maximizes":[190],"has":[193],"been":[194],"independently":[195],"evaluated":[196],"integrated":[198],"main-line":[201],"LIBFUZZER":[202],"default":[205],"schedule.":[207],"now":[209],"runs":[210],"on":[211],"25,000":[214],"machines":[215],"hundreds":[217],"security-critical":[219],"software":[220],"systems":[221],"simultaneously":[222],"continuously.":[224]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1}],"updated_date":"2026-05-03T08:25:01.440150","created_date":"2025-10-10T00:00:00"}