Ifuzzer: : An evolutionary interpreter fuzzer using genetic programming
- Submitting institution
-
University of Bristol
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 197615394
- Type
- E - Conference contribution
- DOI
-
10.1007/978-3-319-45744-4_29
- Title of conference / published proceedings
- European Symposium on Research in Computer Security : ESORICS 2016. Lecture Notes in Computer Science
- First page
- 581
- Volume
- -
- Issue
- -
- ISSN
- 0302-9743
- Open access status
- Technical exception
- Month of publication
- September
- Year of publication
- 2016
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
3
- Research group(s)
-
B - Cybersecurity and Cryptography
- Citation count
- 17
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- This paper addresses a key shortcoming of general purpose fuzzers for interpreters, by proposing a systematic grammar based fuzzing approach. The work encouraged further usage of grammar-based fuzzing - allowed comparative analysis to newer grammar-based approaching as it provides the only open source tool [NAUTILUS, NDSS’19] scalable for large applications. The tool allowed discovering vulnerabilities in Mozilla and Chome JavaScript engines [https://bugs.chromium.org/p/chromium/issues/detail?id=539366 ]. Received Common Vulnerabilities and Exposures (CVE) ID from Mozilla for the security bug [https://bugzilla.mozilla.org/show_bug.cgi?id=1192401 ]. It is open source ([https://github.com/vspandan/IFuzzer] github, IFuzzer). First author secured employment at Oracle.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -