{"id":"https://openalex.org/W4411523058","doi":"https://doi.org/10.1145/3728918","title":"WildSync: Automated Fuzzing Harness Synthesis via Wild API Usage Recovery","display_name":"WildSync: Automated Fuzzing Harness Synthesis via Wild API Usage Recovery","publication_year":2025,"publication_date":"2025-06-22","ids":{"openalex":"https://openalex.org/W4411523058","doi":"https://doi.org/10.1145/3728918"},"language":"en","primary_location":{"id":"doi:10.1145/3728918","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3728918","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102488646","display_name":"Wei\u2010Cheng Wu","orcid":"https://orcid.org/0000-0002-9211-6224"},"institutions":[{"id":"https://openalex.org/I107672454","display_name":"Dartmouth College","ror":"https://ror.org/049s0rh22","country_code":"US","type":"education","lineage":["https://openalex.org/I107672454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Wei-Cheng Wu","raw_affiliation_strings":["Dartmouth College, Hanover, USA"],"raw_orcid":"https://orcid.org/0000-0002-9211-6224","affiliations":[{"raw_affiliation_string":"Dartmouth College, Hanover, USA","institution_ids":["https://openalex.org/I107672454"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088758050","display_name":"Stefan Nagy","orcid":"https://orcid.org/0000-0003-0220-1706"},"institutions":[{"id":"https://openalex.org/I223532165","display_name":"University of Utah","ror":"https://ror.org/03r0ha626","country_code":"US","type":"education","lineage":["https://openalex.org/I223532165"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Stefan Nagy","raw_affiliation_strings":["University of Utah, Salt Lake City, USA"],"raw_orcid":"https://orcid.org/0000-0003-0220-1706","affiliations":[{"raw_affiliation_string":"University of Utah, Salt Lake City, USA","institution_ids":["https://openalex.org/I223532165"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5028735030","display_name":"Christophe Hauser","orcid":"https://orcid.org/0000-0001-7698-8041"},"institutions":[{"id":"https://openalex.org/I107672454","display_name":"Dartmouth College","ror":"https://ror.org/049s0rh22","country_code":"US","type":"education","lineage":["https://openalex.org/I107672454"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christophe Hauser","raw_affiliation_strings":["Dartmouth College, Hanover, USA"],"raw_orcid":"https://orcid.org/0000-0001-7698-8041","affiliations":[{"raw_affiliation_string":"Dartmouth College, Hanover, USA","institution_ids":["https://openalex.org/I107672454"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.7117,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.84246166,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"2","issue":"ISSTA","first_page":"963","last_page":"984"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/fuzz-testing","display_name":"Fuzz testing","score":0.9926968812942505},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8508076667785645},{"id":"https://openalex.org/keywords/parsing","display_name":"Parsing","score":0.5220382213592529},{"id":"https://openalex.org/keywords/scalability","display_name":"Scalability","score":0.49481743574142456},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.47891509532928467},{"id":"https://openalex.org/keywords/code-coverage","display_name":"Code coverage","score":0.4784031808376312},{"id":"https://openalex.org/keywords/taint-checking","display_name":"Taint checking","score":0.46194085478782654},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.45121386647224426},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.42636242508888245},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.4188951551914215},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.3589615821838379},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.2728245258331299}],"concepts":[{"id":"https://openalex.org/C111065885","wikidata":"https://www.wikidata.org/wiki/Q1189053","display_name":"Fuzz testing","level":3,"score":0.9926968812942505},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8508076667785645},{"id":"https://openalex.org/C186644900","wikidata":"https://www.wikidata.org/wiki/Q194152","display_name":"Parsing","level":2,"score":0.5220382213592529},{"id":"https://openalex.org/C48044578","wikidata":"https://www.wikidata.org/wiki/Q727490","display_name":"Scalability","level":2,"score":0.49481743574142456},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.47891509532928467},{"id":"https://openalex.org/C53942775","wikidata":"https://www.wikidata.org/wiki/Q1211721","display_name":"Code coverage","level":3,"score":0.4784031808376312},{"id":"https://openalex.org/C63116202","wikidata":"https://www.wikidata.org/wiki/Q7676227","display_name":"Taint checking","level":3,"score":0.46194085478782654},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.45121386647224426},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.42636242508888245},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.4188951551914215},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.3589615821838379},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2728245258331299}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3728918","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3728918","pdf_url":null,"source":{"id":"https://openalex.org/S4404663975","display_name":"Proceedings of the ACM on software engineering.","issn_l":"2994-970X","issn":["2994-970X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the ACM on Software Engineering","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W2002934700","https://openalex.org/W2911518933","https://openalex.org/W2928702109","https://openalex.org/W2963298680","https://openalex.org/W2979357014","https://openalex.org/W3162605691","https://openalex.org/W4284694562","https://openalex.org/W4293795372","https://openalex.org/W4385187202","https://openalex.org/W4388483033","https://openalex.org/W4388857347","https://openalex.org/W4402442582"],"related_works":["https://openalex.org/W2008592783","https://openalex.org/W2179304688","https://openalex.org/W2004278744","https://openalex.org/W2159690530","https://openalex.org/W2107510936","https://openalex.org/W4381785649","https://openalex.org/W4226494072","https://openalex.org/W4287849816","https://openalex.org/W4283736421","https://openalex.org/W2384504389"],"abstract_inverted_index":{"Fuzzing":[0],"stands":[1],"as":[2],"one":[3],"of":[4,87,97,117,126,141,161,206,215,268],"the":[5,29,124,139,187,212],"most":[6],"practical":[7],"techniques":[8,168],"for":[9,119,218,232],"testing":[10,118],"software":[11,17,38],"efficiently.":[12],"When":[13],"applying":[14],"fuzzing":[15,21,47,145,155,216],"to":[16,27,45,69,132,137,152,176,193],"library":[18],"APIs,":[19],"high-quality":[20],"harnesses":[22,111,156,192,217,231],"are":[23,61],"essential,":[24],"enabling":[25,211],"fuzzers":[26],"execute":[28],"APIs":[30],"with":[31],"precise":[32],"sequences":[33],"and":[34,66,83,239,265],"function":[35],"parameters.":[36],"Although":[37],"developers":[39],"commonly":[40],"rely":[41],"on":[42,72,170,221,237],"manual":[43,81],"efforts":[44],"create":[46],"harnesses,":[48],"there":[49],"has":[50],"been":[51],"a":[52,94,149,204,255],"growing":[53],"interest":[54],"in":[55,64,254,258],"automating":[56],"this":[57,207],"process.":[58],"Existing":[59],"works":[60],"often":[62],"constrained":[63],"scalability":[65],"effectiveness":[67],"due":[68],"their":[70],"reliance":[71],"compiler-based":[73],"analysis":[74],"or":[75,112],"runtime":[76],"execution":[77],"traces,":[78],"which":[79],"require":[80],"setup":[82],"configuration.":[84],"Our":[85],"investigation":[86],"multiple":[88],"actively":[89,234],"fuzzed":[90,235],"libraries":[91,220,236,244],"reveals":[92],"that":[93,245],"large":[95],"number":[96],"exported":[98],"API":[99,121,178],"functions":[100,122,163,264],"externally":[101],"used":[102,243],"by":[103,109,157],"various":[104],"open-source":[105],"projects":[106],"remain":[107],"untested":[108,162,199],"existing":[110,144,191],"unit-test":[113],"files.":[114],"The":[115],"lack":[116,140],"these":[120,198],"increase":[123,257],"risk":[125],"vulnerabilities":[127],"going":[128],"undetected,":[129],"potentially":[130],"leading":[131],"security":[133],"issues.":[134],"In":[135,223],"order":[136],"address":[138],"coverage":[142,260],"affecting":[143],"methods,":[146],"we":[147,185],"propose":[148],"novel":[150],"approach":[151],"automatically":[153],"generate":[154],"extracting":[158],"usage":[159,179,188],"patterns":[160,189],"from":[164,180],"real-world":[165],"scenarios,":[166],"using":[167],"based":[169],"lightweight":[171],"Abstract":[172],"Syntax":[173],"Tree":[174],"parsing":[175],"extract":[177],"external":[181],"source":[182],"code.":[183],"Then,":[184],"integrate":[186],"into":[190,250],"construct":[194],"new":[195,230],"ones":[196],"covering":[197],"functions.":[200],"We":[201],"have":[202],"implemented":[203],"prototype":[205],"concept":[208],"named":[209],"WildSync,":[210],"automatic":[213],"synthesis":[214],"C/C++":[219],"OSS-Fuzz.":[222,251],"our":[224],"experiments,":[225],"WildSync":[226],"successfully":[227],"produced":[228],"469":[229],"24":[233],"OSS-Fuzz,":[238],"also":[240,271],"3":[241],"widely":[242],"can":[246],"be":[247],"later":[248],"integrated":[249],"This":[252],"results":[253],"significant":[256],"test":[259],"spanning":[261],"over":[262],"1.3k":[263],"16k":[266],"lines":[267],"code,":[269],"while":[270],"identifying":[272],"7":[273],"previously":[274],"undetected":[275],"bugs.":[276]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}