var bibbase_data = {"data":"<img src=\"//bibbase.org/img/ajax-loader.gif\" id=\"spinner\"\n  style=\"display: none;\" alt=\"Loading..\" />\n\n<div id=\"bibbase\">\n\n  <script type=\"text/javascript\">\n    var bibbase = {\n      params: {\"bib\":\"http://emre-gueler.de/publications.bib\",\"jsonp\":\"1\",\"host\":\"bibbase.org\"},\n      data: [{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities\",\"author\":[{\"firstnames\":[\"Emre\"],\"propositions\":[],\"lastnames\":[\"Güler\"],\"suffixes\":[]},{\"firstnames\":[\"Sergej\"],\"propositions\":[],\"lastnames\":[\"Schumilo\"],\"suffixes\":[]},{\"firstnames\":[\"Moritz\"],\"propositions\":[],\"lastnames\":[\"Schloegel\"],\"suffixes\":[]},{\"firstnames\":[\"Nils\"],\"propositions\":[],\"lastnames\":[\"Bars\"],\"suffixes\":[]},{\"firstnames\":[\"Philipp\"],\"propositions\":[],\"lastnames\":[\"Görz\"],\"suffixes\":[]},{\"firstnames\":[\"Xinyi\"],\"propositions\":[],\"lastnames\":[\"Xu\"],\"suffixes\":[]},{\"firstnames\":[\"Cemal\"],\"propositions\":[],\"lastnames\":[\"Kaygusuz\"],\"suffixes\":[]},{\"firstnames\":[\"Thorsten\"],\"propositions\":[],\"lastnames\":[\"Holz\"],\"suffixes\":[]}],\"booktitle\":\"Proceedings of the 33rd USENIX Security Symposium\",\"year\":\"2024\",\"url_paper\":\"https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf\",\"url_github\":\"https://github.com/cispa-syssec/atropos-legacy\",\"bibtex\":\"@inproceedings{atropos,\\n  title={{Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities}},\\n  author={Emre G{\\\\\\\"{u}}ler and Sergej Schumilo and Moritz Schloegel and Nils Bars and Philipp G{\\\\\\\"{o}}rz and Xinyi Xu and Cemal Kaygusuz and Thorsten Holz},\\n  booktitle={Proceedings of the 33rd USENIX Security Symposium},\\n  year={2024},\\n  url_paper = {https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf},\\n  url_github = {https://github.com/cispa-syssec/atropos-legacy}\\n}\\n\\n\",\"author_short\":[\"Güler, E.\",\"Schumilo, S.\",\"Schloegel, M.\",\"Bars, N.\",\"Görz, P.\",\"Xu, X.\",\"Kaygusuz, C.\",\"Holz, T.\"],\"key\":\"atropos\",\"id\":\"atropos\",\"bibbaseid\":\"gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024\",\"role\":\"author\",\"urls\":{\" paper\":\"https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf\",\" github\":\"https://github.com/cispa-syssec/atropos-legacy\"},\"metadata\":{\"authorlinks\":{\"güler, e\":\"https://www.emre-gueler.de/\"}},\"downloads\":5,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"Systematic assessment of fuzzers using mutation analysis\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Görz\"],\"firstnames\":[\"Philipp\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Mathis\"],\"firstnames\":[\"Björn\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Hassler\"],\"firstnames\":[\"Keno\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Güler\"],\"firstnames\":[\"Emre\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Holz\"],\"firstnames\":[\"Thorsten\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Zeller\"],\"firstnames\":[\"Andreas\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Gopinath\"],\"firstnames\":[\"Rahul\"],\"suffixes\":[]}],\"booktitle\":\"Proceedings of the 32nd USENIX Security Symposium\",\"year\":\"2023\",\"url_paper\":\"https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf\",\"url_github\":\"https://github.com/CISPA-SysSec/mua_fuzzer_bench\",\"bibtex\":\"@inproceedings{gorz2023systematic,\\n  title={Systematic assessment of fuzzers using mutation analysis},\\n  author={G{\\\\\\\"o}rz, Philipp and Mathis, Bj{\\\\\\\"o}rn and Hassler, Keno and G{\\\\\\\"u}ler, Emre and Holz, Thorsten and Zeller, Andreas and Gopinath, Rahul},\\n  booktitle={Proceedings of the 32nd USENIX Security Symposium},\\n  year={2023},\\n  url_paper = {https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf},\\n  url_github = {https://github.com/CISPA-SysSec/mua_fuzzer_bench}\\n}\\n\\n\",\"author_short\":[\"Görz, P.\",\"Mathis, B.\",\"Hassler, K.\",\"Güler, E.\",\"Holz, T.\",\"Zeller, A.\",\"Gopinath, R.\"],\"key\":\"gorz2023systematic\",\"id\":\"gorz2023systematic\",\"bibbaseid\":\"grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023\",\"role\":\"author\",\"urls\":{\" paper\":\"https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf\",\" github\":\"https://github.com/CISPA-SysSec/mua_fuzzer_bench\"},\"metadata\":{\"authorlinks\":{\"güler, e\":\"https://www.emre-gueler.de/\"}},\"downloads\":1,\"html\":\"\"},{\"bibtype\":\"article\",\"type\":\"article\",\"abstract\":\"A general defense strategy in computer security is to increase the cost of successful attacks in both computational resources as well as human time. In the area of binary security, this is commonly done by using obfuscation methods to hinder reverse engineering and the search for software vulnerabilities. However, recent trends in automated bug finding changed the modus operandi. Nowadays it is very common for bugs to be found by various fuzzing tools. Due to ever-increasing amounts of automation and research on better fuzzing strategies, large-scale, dragnet-style fuzzing of many hundreds of targets becomes viable. As we show, current obfuscation techniques are aimed at increasing the cost of human understanding and do little to slow down fuzzing. In this paper, we introduce several techniques to protect a binary executable against an analysis with automated bug finding approaches that are based on fuzzing, symbolic/concolic execution, and taint-assisted fuzzing (commonly known as hybrid fuzzing). More specifically, we perform a systematic analysis of the fundamental assumptions of bug finding tools and develop general countermeasures for each assumption. Note that these techniques are not designed to target specific implementations of fuzzing tools, but address general assumptions that bug finding tools necessarily depend on. Our evaluation demonstrates that these techniques effectively impede fuzzing audits, while introducing a negligible performance overhead. Just as obfuscation techniques increase the amount of human labor needed to find a vulnerability, our techniques render automated fuzzing-based approaches futile.\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Güler\"],\"firstnames\":[\"Emre\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Aschermann\"],\"firstnames\":[\"Cornelius\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Abbasi\"],\"firstnames\":[\"Ali\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Holz\"],\"firstnames\":[\"Thorsten\"],\"suffixes\":[]}],\"isbn\":\"9781939133069\",\"journal\":\"Proceedings of the 28th USENIX Security Symposium\",\"pages\":\"1931–1947\",\"title\":\"AntiFuzz: Impeding Fuzzing Audits of Binary Executables\",\"year\":\"2019\",\"url_paper\":\"https://www.usenix.org/system/files/sec19-guler.pdf\",\"url_github\":\"https://github.com/RUB-SysSec/antifuzz\",\"bibtex\":\"@article{antifuzz,\\nabstract = {A general defense strategy in computer security is to increase the cost of successful attacks in both computational resources as well as human time. In the area of binary security, this is commonly done by using obfuscation methods to hinder reverse engineering and the search for software vulnerabilities. However, recent trends in automated bug finding changed the modus operandi. Nowadays it is very common for bugs to be found by various fuzzing tools. Due to ever-increasing amounts of automation and research on better fuzzing strategies, large-scale, dragnet-style fuzzing of many hundreds of targets becomes viable. As we show, current obfuscation techniques are aimed at increasing the cost of human understanding and do little to slow down fuzzing. In this paper, we introduce several techniques to protect a binary executable against an analysis with automated bug finding approaches that are based on fuzzing, symbolic/concolic execution, and taint-assisted fuzzing (commonly known as hybrid fuzzing). More specifically, we perform a systematic analysis of the fundamental assumptions of bug finding tools and develop general countermeasures for each assumption. Note that these techniques are not designed to target specific implementations of fuzzing tools, but address general assumptions that bug finding tools necessarily depend on. Our evaluation demonstrates that these techniques effectively impede fuzzing audits, while introducing a negligible performance overhead. Just as obfuscation techniques increase the amount of human labor needed to find a vulnerability, our techniques render automated fuzzing-based approaches futile.},\\nauthor = {G{\\\\\\\"{u}}ler, Emre and Aschermann, Cornelius and Abbasi, Ali and Holz, Thorsten},\\nisbn = {9781939133069},\\njournal = {Proceedings of the 28th USENIX Security Symposium},\\npages = {1931--1947},\\ntitle = {{AntiFuzz: Impeding Fuzzing Audits of Binary Executables}},\\nyear = {2019},\\nurl_paper =    {https://www.usenix.org/system/files/sec19-guler.pdf},\\nurl_github =     {https://github.com/RUB-SysSec/antifuzz}\\n}\\n\\n\",\"author_short\":[\"Güler, E.\",\"Aschermann, C.\",\"Abbasi, A.\",\"Holz, T.\"],\"key\":\"antifuzz\",\"id\":\"antifuzz\",\"bibbaseid\":\"gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019\",\"role\":\"author\",\"urls\":{\" paper\":\"https://www.usenix.org/system/files/sec19-guler.pdf\",\" github\":\"https://github.com/RUB-SysSec/antifuzz\"},\"metadata\":{\"authorlinks\":{\"abbasi, a\":\"https://bibbase.org/show?bib=https://dblp.org/pid/73/2297-2.bib\",\"güler, e\":\"https://www.emre-gueler.de/\"}},\"downloads\":196,\"html\":\"\"},{\"bibtype\":\"article\",\"type\":\"article\",\"abstract\":\"Combining the strengths of individual fuzzing methods is an appealing idea to find software faults more efficiently, especially when the computing budget is limited. In prior work, EnFuzz introduced the idea of ensemble fuzzing and devised three heuristics to classify properties of fuzzers in terms of diversity. Based on these heuristics, the authors manually picked a combination of different fuzzers that collaborate. In this paper, we generalize this idea by collecting and applying empirical data from single, isolated fuzzer runs to automatically identify a set of fuzzers that complement each other when executed collaboratively. To this end, we present Cupid, a collaborative fuzzing framework allowing automated, data-driven selection of multiple complementary fuzzers for parallelized and distributed fuzzing. We evaluate the automatically selected target-independent combination of fuzzers by Cupid on Google's fuzzer-test-suite, a collection of real-world binaries, as well as on the synthetic Lava-M dataset. We find that Cupid outperforms two expert-guided, target-specific and hand-picked combinations on Google's fuzzer-test-suite in terms of branch coverage, and improves bug finding on Lava-M by 10%. Most importantly, we improve the latency for obtaining 95% and 99% of the coverage by 90% and 64%, respectively. Furthermore , Cupid reduces the amount of CPU hours needed to find a high-performing combination of fuzzers by multiple orders of magnitude compared to an exhaustive evaluation.\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Güler\"],\"firstnames\":[\"Emre\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Görz\"],\"firstnames\":[\"Philipp\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Geretto\"],\"firstnames\":[\"Elia\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Jemmett\"],\"firstnames\":[\"Andrea\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Österlund\"],\"firstnames\":[\"Sebastian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Holz\"],\"firstnames\":[\"Thorsten\"],\"suffixes\":[]}],\"journal\":\"Annual Computer Security Applications Conference (ACSAC)\",\"title\":\"Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing\",\"year\":\"2020\",\"url_paper\":\"https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf\",\"url_github\":\"https://github.com/RUB-SysSec/cupid\",\"bibtex\":\"@article{cupid,\\nabstract = {Combining the strengths of individual fuzzing methods is an appealing idea to find software faults more efficiently, especially when the computing budget is limited. In prior work, EnFuzz introduced the idea of ensemble fuzzing and devised three heuristics to classify properties of fuzzers in terms of diversity. Based on these heuristics, the authors manually picked a combination of different fuzzers that collaborate. In this paper, we generalize this idea by collecting and applying empirical data from single, isolated fuzzer runs to automatically identify a set of fuzzers that complement each other when executed collaboratively. To this end, we present Cupid, a collaborative fuzzing framework allowing automated, data-driven selection of multiple complementary fuzzers for parallelized and distributed fuzzing. We evaluate the automatically selected target-independent combination of fuzzers by Cupid on Google's fuzzer-test-suite, a collection of real-world binaries, as well as on the synthetic Lava-M dataset. We find that Cupid outperforms two expert-guided, target-specific and hand-picked combinations on Google's fuzzer-test-suite in terms of branch coverage, and improves bug finding on Lava-M by 10%. Most importantly, we improve the latency for obtaining 95% and 99% of the coverage by 90% and 64%, respectively. Furthermore , Cupid reduces the amount of CPU hours needed to find a high-performing combination of fuzzers by multiple orders of magnitude compared to an exhaustive evaluation.},\\nauthor = {G{\\\\\\\"{u}}ler, Emre and G{\\\\\\\"{o}}rz, Philipp and Geretto, Elia and Jemmett, Andrea and {\\\\\\\"{O}}sterlund, Sebastian and Bos, Herbert and Giuffrida, Cristiano and Holz, Thorsten},\\njournal = {Annual Computer Security Applications Conference (ACSAC)},\\ntitle = {{Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing}},\\nyear = {2020},\\nurl_paper =    {https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf},\\nurl_github =     {https://github.com/RUB-SysSec/cupid}\\n}\\n\\n\",\"author_short\":[\"Güler, E.\",\"Görz, P.\",\"Geretto, E.\",\"Jemmett, A.\",\"Österlund, S.\",\"Bos, H.\",\"Giuffrida, C.\",\"Holz, T.\"],\"key\":\"cupid\",\"id\":\"cupid\",\"bibbaseid\":\"gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020\",\"role\":\"author\",\"urls\":{\" paper\":\"https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf\",\" github\":\"https://github.com/RUB-SysSec/cupid\"},\"metadata\":{\"authorlinks\":{\"österlund, s\":\"https://osterlund.xyz/about.html\",\"giuffrida, c\":\"https://www.vusec.net/publications/author-giuffrida-2009/\",\"bos, h\":\"https://www.vusec.net/people/herbert-bos/\",\"güler, e\":\"https://www.emre-gueler.de/\"}},\"downloads\":69,\"html\":\"\"},{\"bibtype\":\"inproceedings\",\"type\":\"inproceedings\",\"title\":\"CollabFuzz: A Framework for Collaborative Fuzzing\",\"url_paper\":\"https://download.vusec.net/papers/collabfuzz_eurosec21.pdf\",\"url_github\":\"https://github.com/vusec/collabfuzz\",\"booktitle\":\"European Workshop on Systems Security (EuroSec)\",\"author\":[{\"propositions\":[],\"lastnames\":[\"Österlund\"],\"firstnames\":[\"Sebastian\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Geretto\"],\"firstnames\":[\"Elia\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Jemmett\"],\"firstnames\":[\"Andrea\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Güler\"],\"firstnames\":[\"Emre\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Görz\"],\"firstnames\":[\"Philipp\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Holz\"],\"firstnames\":[\"Thorsten\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Giuffrida\"],\"firstnames\":[\"Cristiano\"],\"suffixes\":[]},{\"propositions\":[],\"lastnames\":[\"Bos\"],\"firstnames\":[\"Herbert\"],\"suffixes\":[]}],\"year\":\"2021\",\"keywords\":\"class_testing, proj_react, proj_securecode, type_ast, type_workshop\",\"bibtex\":\"@inproceedings{collabfuzz,\\n\\ttitle = {{CollabFuzz}: {A} {Framework} for {Collaborative} {Fuzzing}},\\n\\turl_paper  = {https://download.vusec.net/papers/collabfuzz_eurosec21.pdf},\\n\\turl_github = {https://github.com/vusec/collabfuzz},\\n\\tbooktitle = {{European Workshop on Systems Security (EuroSec)}},\\n\\tauthor = {Österlund, Sebastian and Geretto, Elia and Jemmett, Andrea and Güler, Emre and Görz, Philipp and Holz, Thorsten and Giuffrida, Cristiano and Bos, Herbert},\\n\\tyear = {2021},\\n\\tkeywords = {class\\\\_testing, proj\\\\_react, proj\\\\_securecode, type\\\\_ast, type\\\\_workshop},\\n}\\n\",\"author_short\":[\"Österlund, S.\",\"Geretto, E.\",\"Jemmett, A.\",\"Güler, E.\",\"Görz, P.\",\"Holz, T.\",\"Giuffrida, C.\",\"Bos, H.\"],\"key\":\"collabfuzz\",\"id\":\"collabfuzz\",\"bibbaseid\":\"sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021\",\"role\":\"author\",\"urls\":{\" paper\":\"https://download.vusec.net/papers/collabfuzz_eurosec21.pdf\",\" github\":\"https://github.com/vusec/collabfuzz\"},\"keyword\":[\"class_testing\",\"proj_react\",\"proj_securecode\",\"type_ast\",\"type_workshop\"],\"metadata\":{\"authorlinks\":{\"österlund, s\":\"https://osterlund.xyz/about.html\",\"güler, e\":\"https://www.emre-gueler.de/\"}},\"downloads\":444,\"html\":\"\"}],\n      metadata: {\"owner\":\"güler, e\",\"authorlinks\":{\"güler, e\":\"https://www.emre-gueler.de/\"}},\n      ownerID: \"nhTvtJx2yvpnihPdo\"\n    };\n  </script>\n\n  <script type=\"text/javascript\">\n  var site$;\n  if (typeof $ != 'undefined') {\n    console.log('existing jquery: storing and then restoring');\n    site$ = $;\n    $ = null;\n  }\n  </script>\n\n  <script src=\"https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js\">\n  </script>\n  <script type=\"text/javascript\">\n  if (site$) {\n    console.log('existing jquery: avoiding conflict and restoring');\n    bb$ = $.noConflict(true);\n    $ = site$;\n  } else {\n    bb$ = $;\n  }\n  </script>\n\n  <script src=\"//bibbase.org/js/bibbase.min.js\"\n          type=\"text/javascript\">\n  </script>\n\n  <script type=\"text/javascript\"\n          src=\"https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML\">\n  </script>\n  <script type=\"text/x-mathjax-config\">\n    MathJax.Hub.Config({tex2jax: {inlineMath: [['$','$'], ['\\\\(','\\\\)']]},\n                        skipTags: [\"body\"],\n                        processClass: \"bibbase_paper\"});\n  </script>\n\n  <style>\n  @media print {\n    .dontprint {\n        display: none !important;\n    }\n\n  .bibbase_group {\n    background-color: #E0E0E0;\n    font-style: italic;\n    font-size: larger;\n    text-shadow: 0px 0px 3px #FFFFFF;\n    border-radius: 4px 4px 4px 4px;\n    -moz-border-radius: 4px 4px 4px 4px;\n    -webkit-border-radius: 4px;\n    padding: 5px 40px 5px;\n    margin-top: 10px;\n    margin-bottom: 5px;\n    cursor: pointer;\n  }\n\n  .bibbase_paper {\n    margin-bottom: 5px;\n  }\n\n  }\n  </style>\n\n  \n  <div style=\"float: right; margin-right: 10px; margin-top: 10px; text-align: right; font-size: 12px\">\n    generated by\n    <a href=\"//bibbase.org\"\n       onclick=\"trackOutboundLink('bibbase', 'logo clicked', window.location.href, '//bibbase.org'); return false;\">\n      <img src=\"//bibbase.org/img/logo.svg\"\n           style=\"vertical-align: middle; margin-left: 3px; height: 16px;\"/\n           alt=\"bibbase.org\"\n           title=\"BibBase – The easiest way to maintain your publications page.\"\n        ></a>\n    \n  </div>\n  \n\n  <div id=\"bibbase_header\" class=\"dontprint\" style=\"\">\n\n    <ul class=\"nav nav-pills\" style=\"margin: 0px;\">\n\n      <li class=\"dropdown\" id=\"groupby_dropdown\">\n      <a class=\"dropdown-toggle\"\n         data-toggle=\"dropdown\"\n         href=\"#\">\n          Group by\n          <b class=\"caret\"></b>\n      </a>\n      <ul class=\"dropdown-menu\">\n        <li class=\"groupby year\"><a onclick=\"groupby('year')\">\n            Year</a>\n        </li>\n        <li class=\"groupby author\"><a onclick=\"groupby('author_short')\">\n            Author</a>\n        </li>\n        <li class=\"groupby type\"><a onclick=\"groupby('type')\">\n            Type</a>\n        </li>\n        <li class=\"groupby keyword\"><a onclick=\"groupby('keyword')\">\n            Keyword</a>\n        </li>\n        <li class=\"groupby downloads\"><a onclick=\"groupby('downloads')\">\n            Downloads</a>\n        </li>\n      </ul>\n      </li>\n\n\n      <li class=\"dropdown\" id=\"menu_dropdown\">\n      <a class=\"dropdown-toggle\"\n         data-toggle=\"dropdown\"\n         href=\"#\" alt=\"controls\">\n          <i class=\"fa fa-reorder\" alt=\"controls\"></i>\n          <b class=\"caret\"></b>\n      </a>\n      <ul class=\"dropdown-menu\">\n        <li>\n          <a onclick=\"toggleAll()\">\n            <i class=\"fa fa-chevron-down fa-fw\"></i> Expand/Collapse All\n          </a>\n        </li>\n        <li>\n          <a download=\"publications.bib\" href=\"data:text/bibtex;base64,QGlucHJvY2VlZGluZ3N7YXRyb3BvcywKICB0aXRsZT17e0F0cm9wb3M6IEVmZmVjdGl2ZSBGdXp6aW5nIG9mIFdlYiBBcHBsaWNhdGlvbnMgZm9yIFNlcnZlci1TaWRlIFZ1bG5lcmFiaWxpdGllc319LAogIGF1dGhvcj17RW1yZSBHe1wie3V9fWxlciBhbmQgU2VyZ2VqIFNjaHVtaWxvIGFuZCBNb3JpdHogU2NobG9lZ2VsIGFuZCBOaWxzIEJhcnMgYW5kIFBoaWxpcHAgR3tcIntvfX1yeiBhbmQgWGlueWkgWHUgYW5kIENlbWFsIEtheWd1c3V6IGFuZCBUaG9yc3RlbiBIb2x6fSwKICBib29rdGl0bGU9e1Byb2NlZWRpbmdzIG9mIHRoZSAzM3JkIFVTRU5JWCBTZWN1cml0eSBTeW1wb3NpdW19LAogIHllYXI9ezIwMjR9LAogIHVybF9wYXBlciA9IHtodHRwczovL3d3dy51c2VuaXgub3JnL3N5c3RlbS9maWxlcy9zZWMyM3dpbnRlci1wcmVwdWItMTY3LWd1bGVyLnBkZn0sCiAgdXJsX2dpdGh1YiA9IHtodHRwczovL2dpdGh1Yi5jb20vY2lzcGEtc3lzc2VjL2F0cm9wb3MtbGVnYWN5fQp9CgoKCkBpbnByb2NlZWRpbmdze2dvcnoyMDIzc3lzdGVtYXRpYywKICB0aXRsZT17U3lzdGVtYXRpYyBhc3Nlc3NtZW50IG9mIGZ1enplcnMgdXNpbmcgbXV0YXRpb24gYW5hbHlzaXN9LAogIGF1dGhvcj17R3tcIm99cnosIFBoaWxpcHAgYW5kIE1hdGhpcywgQmp7XCJvfXJuIGFuZCBIYXNzbGVyLCBLZW5vIGFuZCBHe1widX1sZXIsIEVtcmUgYW5kIEhvbHosIFRob3JzdGVuIGFuZCBaZWxsZXIsIEFuZHJlYXMgYW5kIEdvcGluYXRoLCBSYWh1bH0sCiAgYm9va3RpdGxlPXtQcm9jZWVkaW5ncyBvZiB0aGUgMzJuZCBVU0VOSVggU2VjdXJpdHkgU3ltcG9zaXVtfSwKICB5ZWFyPXsyMDIzfSwKICB1cmxfcGFwZXIgPSB7aHR0cHM6Ly93d3cudXNlbml4Lm9yZy9zeXN0ZW0vZmlsZXMvdXNlbml4c2VjdXJpdHkyMy1nb3J6LnBkZn0sCiAgdXJsX2dpdGh1YiA9IHtodHRwczovL2dpdGh1Yi5jb20vQ0lTUEEtU3lzU2VjL211YV9mdXp6ZXJfYmVuY2h9Cn0KCgoKQGFydGljbGV7YW50aWZ1enosCmFic3RyYWN0ID0ge0EgZ2VuZXJhbCBkZWZlbnNlIHN0cmF0ZWd5IGluIGNvbXB1dGVyIHNlY3VyaXR5IGlzIHRvIGluY3JlYXNlIHRoZSBjb3N0IG9mIHN1Y2Nlc3NmdWwgYXR0YWNrcyBpbiBib3RoIGNvbXB1dGF0aW9uYWwgcmVzb3VyY2VzIGFzIHdlbGwgYXMgaHVtYW4gdGltZS4gSW4gdGhlIGFyZWEgb2YgYmluYXJ5IHNlY3VyaXR5LCB0aGlzIGlzIGNvbW1vbmx5IGRvbmUgYnkgdXNpbmcgb2JmdXNjYXRpb24gbWV0aG9kcyB0byBoaW5kZXIgcmV2ZXJzZSBlbmdpbmVlcmluZyBhbmQgdGhlIHNlYXJjaCBmb3Igc29mdHdhcmUgdnVsbmVyYWJpbGl0aWVzLiBIb3dldmVyLCByZWNlbnQgdHJlbmRzIGluIGF1dG9tYXRlZCBidWcgZmluZGluZyBjaGFuZ2VkIHRoZSBtb2R1cyBvcGVyYW5kaS4gTm93YWRheXMgaXQgaXMgdmVyeSBjb21tb24gZm9yIGJ1Z3MgdG8gYmUgZm91bmQgYnkgdmFyaW91cyBmdXp6aW5nIHRvb2xzLiBEdWUgdG8gZXZlci1pbmNyZWFzaW5nIGFtb3VudHMgb2YgYXV0b21hdGlvbiBhbmQgcmVzZWFyY2ggb24gYmV0dGVyIGZ1enppbmcgc3RyYXRlZ2llcywgbGFyZ2Utc2NhbGUsIGRyYWduZXQtc3R5bGUgZnV6emluZyBvZiBtYW55IGh1bmRyZWRzIG9mIHRhcmdldHMgYmVjb21lcyB2aWFibGUuIEFzIHdlIHNob3csIGN1cnJlbnQgb2JmdXNjYXRpb24gdGVjaG5pcXVlcyBhcmUgYWltZWQgYXQgaW5jcmVhc2luZyB0aGUgY29zdCBvZiBodW1hbiB1bmRlcnN0YW5kaW5nIGFuZCBkbyBsaXR0bGUgdG8gc2xvdyBkb3duIGZ1enppbmcuIEluIHRoaXMgcGFwZXIsIHdlIGludHJvZHVjZSBzZXZlcmFsIHRlY2huaXF1ZXMgdG8gcHJvdGVjdCBhIGJpbmFyeSBleGVjdXRhYmxlIGFnYWluc3QgYW4gYW5hbHlzaXMgd2l0aCBhdXRvbWF0ZWQgYnVnIGZpbmRpbmcgYXBwcm9hY2hlcyB0aGF0IGFyZSBiYXNlZCBvbiBmdXp6aW5nLCBzeW1ib2xpYy9jb25jb2xpYyBleGVjdXRpb24sIGFuZCB0YWludC1hc3Npc3RlZCBmdXp6aW5nIChjb21tb25seSBrbm93biBhcyBoeWJyaWQgZnV6emluZykuIE1vcmUgc3BlY2lmaWNhbGx5LCB3ZSBwZXJmb3JtIGEgc3lzdGVtYXRpYyBhbmFseXNpcyBvZiB0aGUgZnVuZGFtZW50YWwgYXNzdW1wdGlvbnMgb2YgYnVnIGZpbmRpbmcgdG9vbHMgYW5kIGRldmVsb3AgZ2VuZXJhbCBjb3VudGVybWVhc3VyZXMgZm9yIGVhY2ggYXNzdW1wdGlvbi4gTm90ZSB0aGF0IHRoZXNlIHRlY2huaXF1ZXMgYXJlIG5vdCBkZXNpZ25lZCB0byB0YXJnZXQgc3BlY2lmaWMgaW1wbGVtZW50YXRpb25zIG9mIGZ1enppbmcgdG9vbHMsIGJ1dCBhZGRyZXNzIGdlbmVyYWwgYXNzdW1wdGlvbnMgdGhhdCBidWcgZmluZGluZyB0b29scyBuZWNlc3NhcmlseSBkZXBlbmQgb24uIE91ciBldmFsdWF0aW9uIGRlbW9uc3RyYXRlcyB0aGF0IHRoZXNlIHRlY2huaXF1ZXMgZWZmZWN0aXZlbHkgaW1wZWRlIGZ1enppbmcgYXVkaXRzLCB3aGlsZSBpbnRyb2R1Y2luZyBhIG5lZ2xpZ2libGUgcGVyZm9ybWFuY2Ugb3ZlcmhlYWQuIEp1c3QgYXMgb2JmdXNjYXRpb24gdGVjaG5pcXVlcyBpbmNyZWFzZSB0aGUgYW1vdW50IG9mIGh1bWFuIGxhYm9yIG5lZWRlZCB0byBmaW5kIGEgdnVsbmVyYWJpbGl0eSwgb3VyIHRlY2huaXF1ZXMgcmVuZGVyIGF1dG9tYXRlZCBmdXp6aW5nLWJhc2VkIGFwcHJvYWNoZXMgZnV0aWxlLn0sCmF1dGhvciA9IHtHe1wie3V9fWxlciwgRW1yZSBhbmQgQXNjaGVybWFubiwgQ29ybmVsaXVzIGFuZCBBYmJhc2ksIEFsaSBhbmQgSG9seiwgVGhvcnN0ZW59LAppc2JuID0gezk3ODE5MzkxMzMwNjl9LApqb3VybmFsID0ge1Byb2NlZWRpbmdzIG9mIHRoZSAyOHRoIFVTRU5JWCBTZWN1cml0eSBTeW1wb3NpdW19LApwYWdlcyA9IHsxOTMxLS0xOTQ3fSwKdGl0bGUgPSB7e0FudGlGdXp6OiBJbXBlZGluZyBGdXp6aW5nIEF1ZGl0cyBvZiBCaW5hcnkgRXhlY3V0YWJsZXN9fSwKeWVhciA9IHsyMDE5fSwKdXJsX3BhcGVyID0gICAge2h0dHBzOi8vd3d3LnVzZW5peC5vcmcvc3lzdGVtL2ZpbGVzL3NlYzE5LWd1bGVyLnBkZn0sCnVybF9naXRodWIgPSAgICAge2h0dHBzOi8vZ2l0aHViLmNvbS9SVUItU3lzU2VjL2FudGlmdXp6fQp9CgoKCkBhcnRpY2xle2N1cGlkLAphYnN0cmFjdCA9IHtDb21iaW5pbmcgdGhlIHN0cmVuZ3RocyBvZiBpbmRpdmlkdWFsIGZ1enppbmcgbWV0aG9kcyBpcyBhbiBhcHBlYWxpbmcgaWRlYSB0byBmaW5kIHNvZnR3YXJlIGZhdWx0cyBtb3JlIGVmZmljaWVudGx5LCBlc3BlY2lhbGx5IHdoZW4gdGhlIGNvbXB1dGluZyBidWRnZXQgaXMgbGltaXRlZC4gSW4gcHJpb3Igd29yaywgRW5GdXp6IGludHJvZHVjZWQgdGhlIGlkZWEgb2YgZW5zZW1ibGUgZnV6emluZyBhbmQgZGV2aXNlZCB0aHJlZSBoZXVyaXN0aWNzIHRvIGNsYXNzaWZ5IHByb3BlcnRpZXMgb2YgZnV6emVycyBpbiB0ZXJtcyBvZiBkaXZlcnNpdHkuIEJhc2VkIG9uIHRoZXNlIGhldXJpc3RpY3MsIHRoZSBhdXRob3JzIG1hbnVhbGx5IHBpY2tlZCBhIGNvbWJpbmF0aW9uIG9mIGRpZmZlcmVudCBmdXp6ZXJzIHRoYXQgY29sbGFib3JhdGUuIEluIHRoaXMgcGFwZXIsIHdlIGdlbmVyYWxpemUgdGhpcyBpZGVhIGJ5IGNvbGxlY3RpbmcgYW5kIGFwcGx5aW5nIGVtcGlyaWNhbCBkYXRhIGZyb20gc2luZ2xlLCBpc29sYXRlZCBmdXp6ZXIgcnVucyB0byBhdXRvbWF0aWNhbGx5IGlkZW50aWZ5IGEgc2V0IG9mIGZ1enplcnMgdGhhdCBjb21wbGVtZW50IGVhY2ggb3RoZXIgd2hlbiBleGVjdXRlZCBjb2xsYWJvcmF0aXZlbHkuIFRvIHRoaXMgZW5kLCB3ZSBwcmVzZW50IEN1cGlkLCBhIGNvbGxhYm9yYXRpdmUgZnV6emluZyBmcmFtZXdvcmsgYWxsb3dpbmcgYXV0b21hdGVkLCBkYXRhLWRyaXZlbiBzZWxlY3Rpb24gb2YgbXVsdGlwbGUgY29tcGxlbWVudGFyeSBmdXp6ZXJzIGZvciBwYXJhbGxlbGl6ZWQgYW5kIGRpc3RyaWJ1dGVkIGZ1enppbmcuIFdlIGV2YWx1YXRlIHRoZSBhdXRvbWF0aWNhbGx5IHNlbGVjdGVkIHRhcmdldC1pbmRlcGVuZGVudCBjb21iaW5hdGlvbiBvZiBmdXp6ZXJzIGJ5IEN1cGlkIG9uIEdvb2dsZSdzIGZ1enplci10ZXN0LXN1aXRlLCBhIGNvbGxlY3Rpb24gb2YgcmVhbC13b3JsZCBiaW5hcmllcywgYXMgd2VsbCBhcyBvbiB0aGUgc3ludGhldGljIExhdmEtTSBkYXRhc2V0LiBXZSBmaW5kIHRoYXQgQ3VwaWQgb3V0cGVyZm9ybXMgdHdvIGV4cGVydC1ndWlkZWQsIHRhcmdldC1zcGVjaWZpYyBhbmQgaGFuZC1waWNrZWQgY29tYmluYXRpb25zIG9uIEdvb2dsZSdzIGZ1enplci10ZXN0LXN1aXRlIGluIHRlcm1zIG9mIGJyYW5jaCBjb3ZlcmFnZSwgYW5kIGltcHJvdmVzIGJ1ZyBmaW5kaW5nIG9uIExhdmEtTSBieSAxMCUuIE1vc3QgaW1wb3J0YW50bHksIHdlIGltcHJvdmUgdGhlIGxhdGVuY3kgZm9yIG9idGFpbmluZyA5NSUgYW5kIDk5JSBvZiB0aGUgY292ZXJhZ2UgYnkgOTAlIGFuZCA2NCUsIHJlc3BlY3RpdmVseS4gRnVydGhlcm1vcmUgLCBDdXBpZCByZWR1Y2VzIHRoZSBhbW91bnQgb2YgQ1BVIGhvdXJzIG5lZWRlZCB0byBmaW5kIGEgaGlnaC1wZXJmb3JtaW5nIGNvbWJpbmF0aW9uIG9mIGZ1enplcnMgYnkgbXVsdGlwbGUgb3JkZXJzIG9mIG1hZ25pdHVkZSBjb21wYXJlZCB0byBhbiBleGhhdXN0aXZlIGV2YWx1YXRpb24ufSwKYXV0aG9yID0ge0d7XCJ7dX19bGVyLCBFbXJlIGFuZCBHe1wie299fXJ6LCBQaGlsaXBwIGFuZCBHZXJldHRvLCBFbGlhIGFuZCBKZW1tZXR0LCBBbmRyZWEgYW5kIHtcIntPfX1zdGVybHVuZCwgU2ViYXN0aWFuIGFuZCBCb3MsIEhlcmJlcnQgYW5kIEdpdWZmcmlkYSwgQ3Jpc3RpYW5vIGFuZCBIb2x6LCBUaG9yc3Rlbn0sCmpvdXJuYWwgPSB7QW5udWFsIENvbXB1dGVyIFNlY3VyaXR5IEFwcGxpY2F0aW9ucyBDb25mZXJlbmNlIChBQ1NBQyl9LAp0aXRsZSA9IHt7Q3VwaWQgOiBBdXRvbWF0aWMgRnV6emVyIFNlbGVjdGlvbiBmb3IgQ29sbGFib3JhdGl2ZSBGdXp6aW5nfX0sCnllYXIgPSB7MjAyMH0sCnVybF9wYXBlciA9ICAgIHtodHRwczovL3d3dy5laS5ydWhyLXVuaS1ib2NodW0uZGUvbWVkaWEvZW1tYS92ZXJvZWZmZW50bGljaHVuZ2VuLzIwMjAvMDkvMjYvQUNTQUMyMC1DdXBpZF9UaU05SDA3LnBkZn0sCnVybF9naXRodWIgPSAgICAge2h0dHBzOi8vZ2l0aHViLmNvbS9SVUItU3lzU2VjL2N1cGlkfQp9CgoKCkBpbnByb2NlZWRpbmdze2NvbGxhYmZ1enosCgl0aXRsZSA9IHt7Q29sbGFiRnV6en06IHtBfSB7RnJhbWV3b3JrfSBmb3Ige0NvbGxhYm9yYXRpdmV9IHtGdXp6aW5nfX0sCgl1cmxfcGFwZXIgID0ge2h0dHBzOi8vZG93bmxvYWQudnVzZWMubmV0L3BhcGVycy9jb2xsYWJmdXp6X2V1cm9zZWMyMS5wZGZ9LAoJdXJsX2dpdGh1YiA9IHtodHRwczovL2dpdGh1Yi5jb20vdnVzZWMvY29sbGFiZnV6en0sCglib29rdGl0bGUgPSB7e0V1cm9wZWFuIFdvcmtzaG9wIG9uIFN5c3RlbXMgU2VjdXJpdHkgKEV1cm9TZWMpfX0sCglhdXRob3IgPSB7w5ZzdGVybHVuZCwgU2ViYXN0aWFuIGFuZCBHZXJldHRvLCBFbGlhIGFuZCBKZW1tZXR0LCBBbmRyZWEgYW5kIEfDvGxlciwgRW1yZSBhbmQgR8O2cnosIFBoaWxpcHAgYW5kIEhvbHosIFRob3JzdGVuIGFuZCBHaXVmZnJpZGEsIENyaXN0aWFubyBhbmQgQm9zLCBIZXJiZXJ0fSwKCXllYXIgPSB7MjAyMX0sCglrZXl3b3JkcyA9IHtjbGFzc1xfdGVzdGluZywgcHJvalxfcmVhY3QsIHByb2pcX3NlY3VyZWNvZGUsIHR5cGVcX2FzdCwgdHlwZVxfd29ya3Nob3B9LAp9Cg==\">\n            <i class=\"fa fa-download fa-fw\"></i> Download BibTeX\n          </a>\n        </li>\n        <li>\n          <a href=\"//bibbase.org/rss?bib=http://emre-gueler.de/publications.bib\">\n            <i class=\"fa fa-rss fa-fw\"></i> RSS Feed\n          </a>\n          </li>\n      </ul>\n      </li>\n\n      \n\n\n      \n    </ul>\n\n\n    <div class=\"alert alert-success bibbase_msg\" id=\"bibbase_msg_embed\"\n         style=\"display: none;\">\n\n      Excellent! Next you can\n      <a href=\"/network/register?next=/network/newSiteFromTemplate%3Fbiburl=http://emre-gueler.de/publications.bib\"\n      >create a new website with this list</a>, or\n      embed it in an existing web page by copying &amp; pasting\n      any of the following snippets.\n\n      <div style=\"text-align: left; margin-top: 1em;\">\n        <strong>JavaScript</strong>\n        <span class=\"comment recommended\">(easiest)</span>\n        <div class=\"well well-small\">\n          <code>\n            &lt;script src=\"https://bibbase.org/show?bib=http%3A%2F%2Femre-gueler.de%2Fpublications.bib&amp;jsonp=1&amp;jsonp=1\"&gt;&lt;/script&gt;\n          </code>\n        </div>\n\n        <strong>PHP</strong>\n        <div class=\"well well-small\">\n          <code>\n            &lt;?php\n            $contents = file_get_contents(\"https://bibbase.org/show?bib=http%3A%2F%2Femre-gueler.de%2Fpublications.bib&amp;jsonp=1\");\n            print_r($contents);\n            ?&gt;\n          </code>\n        </div>\n\n        <strong>iFrame</strong>\n        <span class=\"comment\">(not recommended)</span>\n        <div class=\"well well-small\">\n          <code>\n            &lt;iframe src=\"https://bibbase.org/show?bib=http%3A%2F%2Femre-gueler.de%2Fpublications.bib&amp;jsonp=1\"&gt;&lt;/iframe&gt;\n          </code>\n        </div>\n\n        <p>\n          For more details see the <a href=\"//bibbase.org/help\">documention</a>.\n        </p>\n      </div>\n    </div>\n\n    <div class=\"alert alert-success bibbase_msg\" id=\"bibbase_msg_preview\"\n         style=\"display: none;\">\n\n      This is a preview! To use this list on your own web site\n      or create a new web site from it,\n      <a href=\"/network/register?next=/network/newAccountWithFile%3FfileId=\"\n      >create a free account</a>. The file will be added\n      and you will be able to edit it in the File Manager.\n      We will show you instructions once you've created your account.\n    </div>\n\n    <div class=\"alert alert-warning bibbase_msg\" id=\"bibbase_msg_mendeley1\"\n         style=\"display: none;\">\n\n      <p>To the site owner:</p>\n\n      <p><strong>Action required!</strong> Mendeley is changing its\n        API. In order to keep using Mendeley with BibBase past April\n        14th, you need to:\n        <ol>\n          <li>renew the authorization for BibBase on Mendeley, and</li>\n          <li>update the BibBase URL\n            in your page the same way you did when you initially set up\n            this page.\n          </li>\n        </ol>\n      </p>\n\n      <p>\n        <a href=\"http://bibbase.org/cgi-bin/mendeley2/get.py\">\n          <i class=\"fa fa-angle-double-right\"></i>\n          Fix it now</a>\n      </p>\n    </div>\n\n  </div>\n\n\n  <div id=\"bibbase_body\">\n    \n  \n  <div class=\"bibbase_group_whole\" id=\"group_2024\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2024')\"\n      onkeypress=\"toggleGroup('group_2024')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2024</span>\n      <span class=\"bibbase_group_count\">\n        \n        (1)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024', 'https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf', event);\">\n    Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  <a class=\"bibbase author link\" href=\"https://www.emre-gueler.de/\">Güler, E.</a>; Schumilo, S.; Schloegel, M.; Bars, N.; Görz, P.; Xu, X.; Kaygusuz, C.;  and Holz, T.\n</span>\n\n  \n\n</span>\n\n  In <i>Proceedings of the 33rd USENIX Security Symposium</i>,  2024. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf\"\n     onclick=\"log_download('gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024', 'https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities [pdf]\"\n       title=\" paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/cispa-syssec/atropos-legacy\"\n     onclick=\"log_download('gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024', 'https://github.com/cispa-syssec/atropos-legacy', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities [link]\"\n       title=\" github\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> github</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>5 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gler-schumilo-schloegel-bars-grz-xu-kaygusuz-holz-atroposeffectivefuzzingofwebapplicationsforserversidevulnerabilities-2024')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{atropos,\n  title={{Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities}},\n  author={Emre G{\\&quot;{u}}ler and Sergej Schumilo and Moritz Schloegel and Nils Bars and Philipp G{\\&quot;{o}}rz and Xinyi Xu and Cemal Kaygusuz and Thorsten Holz},\n  booktitle={Proceedings of the 33rd USENIX Security Symposium},\n  year={2024},\n  url_paper = {https://www.usenix.org/system/files/sec23winter-prepub-167-guler.pdf},\n  url_github = {https://github.com/cispa-syssec/atropos-legacy}\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2023\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2023')\"\n      onkeypress=\"toggleGroup('group_2023')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2023</span>\n      <span class=\"bibbase_group_count\">\n        \n        (1)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023', 'https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf', event);\">\n    Systematic assessment of fuzzers using mutation analysis.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  Görz, P.; Mathis, B.; Hassler, K.; <a class=\"bibbase author link\" href=\"https://www.emre-gueler.de/\">Güler, E.</a>; Holz, T.; Zeller, A.;  and Gopinath, R.\n</span>\n\n  \n\n</span>\n\n  In <i>Proceedings of the 32nd USENIX Security Symposium</i>,  2023. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf\"\n     onclick=\"log_download('grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023', 'https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Systematic assessment of fuzzers using mutation analysis [pdf]\"\n       title=\" paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/CISPA-SysSec/mua_fuzzer_bench\"\n     onclick=\"log_download('grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023', 'https://github.com/CISPA-SysSec/mua_fuzzer_bench', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Systematic assessment of fuzzers using mutation analysis [link]\"\n       title=\" github\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> github</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>1 download</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('grz-mathis-hassler-gler-holz-zeller-gopinath-systematicassessmentoffuzzersusingmutationanalysis-2023')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{gorz2023systematic,\n  title={Systematic assessment of fuzzers using mutation analysis},\n  author={G{\\&quot;o}rz, Philipp and Mathis, Bj{\\&quot;o}rn and Hassler, Keno and G{\\&quot;u}ler, Emre and Holz, Thorsten and Zeller, Andreas and Gopinath, Rahul},\n  booktitle={Proceedings of the 32nd USENIX Security Symposium},\n  year={2023},\n  url_paper = {https://www.usenix.org/system/files/usenixsecurity23-gorz.pdf},\n  url_github = {https://github.com/CISPA-SysSec/mua_fuzzer_bench}\n}\n\n</pre>\n</div>\n\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2021\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2021')\"\n      onkeypress=\"toggleGroup('group_2021')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2021</span>\n      <span class=\"bibbase_group_count\">\n        \n        (1)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://download.vusec.net/papers/collabfuzz_eurosec21.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021', 'https://download.vusec.net/papers/collabfuzz_eurosec21.pdf', event);\">\n    CollabFuzz: A Framework for Collaborative Fuzzing.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  <a class=\"bibbase author link\" href=\"https://osterlund.xyz/about.html\">Österlund, S.</a>; Geretto, E.; Jemmett, A.; <a class=\"bibbase author link\" href=\"https://www.emre-gueler.de/\">Güler, E.</a>; Görz, P.; Holz, T.; Giuffrida, C.;  and Bos, H.\n</span>\n\n  \n\n</span>\n\n  In <i>European Workshop on Systems Security (EuroSec)</i>,  2021. \n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://download.vusec.net/papers/collabfuzz_eurosec21.pdf\"\n     onclick=\"log_download('sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021', 'https://download.vusec.net/papers/collabfuzz_eurosec21.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"CollabFuzz: A Framework for Collaborative Fuzzing [pdf]\"\n       title=\" paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/vusec/collabfuzz\"\n     onclick=\"log_download('sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021', 'https://github.com/vusec/collabfuzz', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"CollabFuzz: A Framework for Collaborative Fuzzing [link]\"\n       title=\" github\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> github</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>444 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('sterlund-geretto-jemmett-gler-grz-holz-giuffrida-bos-collabfuzzaframeworkforcollaborativefuzzing-2021')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@inproceedings{collabfuzz,\n\ttitle = {{CollabFuzz}: {A} {Framework} for {Collaborative} {Fuzzing}},\n\turl_paper  = {https://download.vusec.net/papers/collabfuzz_eurosec21.pdf},\n\turl_github = {https://github.com/vusec/collabfuzz},\n\tbooktitle = {{European Workshop on Systems Security (EuroSec)}},\n\tauthor = {Österlund, Sebastian and Geretto, Elia and Jemmett, Andrea and Güler, Emre and Görz, Philipp and Holz, Thorsten and Giuffrida, Cristiano and Bos, Herbert},\n\tyear = {2021},\n\tkeywords = {class\\_testing, proj\\_react, proj\\_securecode, type\\_ast, type\\_workshop},\n}\n</pre>\n</div>\n\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2020\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2020')\"\n      onkeypress=\"toggleGroup('group_2020')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2020</span>\n      <span class=\"bibbase_group_count\">\n        \n        (1)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020', 'https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf', event);\">\n    Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  <a class=\"bibbase author link\" href=\"https://www.emre-gueler.de/\">Güler, E.</a>; Görz, P.; Geretto, E.; Jemmett, A.; <a class=\"bibbase author link\" href=\"https://osterlund.xyz/about.html\">Österlund, S.</a>; <a class=\"bibbase author link\" href=\"https://www.vusec.net/people/herbert-bos/\">Bos, H.</a>; <a class=\"bibbase author link\" href=\"https://www.vusec.net/publications/author-giuffrida-2009/\">Giuffrida, C.</a>;  and Holz, T.\n</span>\n\n  \n\n</span>\n\n  <i>Annual Computer Security Applications Conference (ACSAC)</i>.  2020.\n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf\"\n     onclick=\"log_download('gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020', 'https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing [pdf]\"\n       title=\" paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/RUB-SysSec/cupid\"\n     onclick=\"log_download('gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020', 'https://github.com/RUB-SysSec/cupid', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing [link]\"\n       title=\" github\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> github</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n  &nbsp;\n  <a class=\"bibbase_abstract_link bibbase link\"\n     href=\"#\"\n     onclick=\"showAbstract(event); return false;\">\n    abstract <i class=\"fa fa-caret-down\"></i></a>\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>69 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gler-grz-geretto-jemmett-sterlund-bos-giuffrida-holz-cupidautomaticfuzzerselectionforcollaborativefuzzing-2020')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@article{cupid,\nabstract = {Combining the strengths of individual fuzzing methods is an appealing idea to find software faults more efficiently, especially when the computing budget is limited. In prior work, EnFuzz introduced the idea of ensemble fuzzing and devised three heuristics to classify properties of fuzzers in terms of diversity. Based on these heuristics, the authors manually picked a combination of different fuzzers that collaborate. In this paper, we generalize this idea by collecting and applying empirical data from single, isolated fuzzer runs to automatically identify a set of fuzzers that complement each other when executed collaboratively. To this end, we present Cupid, a collaborative fuzzing framework allowing automated, data-driven selection of multiple complementary fuzzers for parallelized and distributed fuzzing. We evaluate the automatically selected target-independent combination of fuzzers by Cupid on Google&#x27;s fuzzer-test-suite, a collection of real-world binaries, as well as on the synthetic Lava-M dataset. We find that Cupid outperforms two expert-guided, target-specific and hand-picked combinations on Google&#x27;s fuzzer-test-suite in terms of branch coverage, and improves bug finding on Lava-M by 10%. Most importantly, we improve the latency for obtaining 95% and 99% of the coverage by 90% and 64%, respectively. Furthermore , Cupid reduces the amount of CPU hours needed to find a high-performing combination of fuzzers by multiple orders of magnitude compared to an exhaustive evaluation.},\nauthor = {G{\\&quot;{u}}ler, Emre and G{\\&quot;{o}}rz, Philipp and Geretto, Elia and Jemmett, Andrea and {\\&quot;{O}}sterlund, Sebastian and Bos, Herbert and Giuffrida, Cristiano and Holz, Thorsten},\njournal = {Annual Computer Security Applications Conference (ACSAC)},\ntitle = {{Cupid : Automatic Fuzzer Selection for Collaborative Fuzzing}},\nyear = {2020},\nurl_paper =    {https://www.ei.ruhr-uni-bochum.de/media/emma/veroeffentlichungen/2020/09/26/ACSAC20-Cupid_TiM9H07.pdf},\nurl_github =     {https://github.com/RUB-SysSec/cupid}\n}\n\n</pre>\n</div>\n\n\n<div class=\"well well-small bibbase\" data-type=\"abstract\"\n     style=\"display:none\">\n  Combining the strengths of individual fuzzing methods is an appealing idea to find software faults more efficiently, especially when the computing budget is limited. In prior work, EnFuzz introduced the idea of ensemble fuzzing and devised three heuristics to classify properties of fuzzers in terms of diversity. Based on these heuristics, the authors manually picked a combination of different fuzzers that collaborate. In this paper, we generalize this idea by collecting and applying empirical data from single, isolated fuzzer runs to automatically identify a set of fuzzers that complement each other when executed collaboratively. To this end, we present Cupid, a collaborative fuzzing framework allowing automated, data-driven selection of multiple complementary fuzzers for parallelized and distributed fuzzing. We evaluate the automatically selected target-independent combination of fuzzers by Cupid on Google's fuzzer-test-suite, a collection of real-world binaries, as well as on the synthetic Lava-M dataset. We find that Cupid outperforms two expert-guided, target-specific and hand-picked combinations on Google's fuzzer-test-suite in terms of branch coverage, and improves bug finding on Lava-M by 10%. Most importantly, we improve the latency for obtaining 95% and 99% of the coverage by 90% and 64%, respectively. Furthermore , Cupid reduces the amount of CPU hours needed to find a high-performing combination of fuzzers by multiple orders of magnitude compared to an exhaustive evaluation.\n</div>\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n  <div class=\"bibbase_group_whole\" id=\"group_2019\">\n    <div class=\"bibbase_group\"\n      onclick=\"toggleGroup('group_2019')\"\n      onkeypress=\"toggleGroup('group_2019')\"\n      tabindex=\"0\">\n      <i class=\"fa fa-angle-down bibbase_group_head_icon\"></i>&nbsp;\n      <span>2019</span>\n      <span class=\"bibbase_group_count\">\n        \n        (1)\n        \n      </span>\n    </div>\n    <div class=\"bibbase_group_body\">\n      \n  \n  <div class=\"bibbase_paper\" id=\"gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019\">\n  <span class=\"bibbase_paper_titleauthoryear\">\n\n  \n  <span class=\"bibbase_paper_title\">\n  \n  \n  \n  <a href=\"https://www.usenix.org/system/files/sec19-guler.pdf\"\n     onclick=\"return trackOutboundLink('publications', 'click', 'gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019', 'https://www.usenix.org/system/files/sec19-guler.pdf', event);\">\n    AntiFuzz: Impeding Fuzzing Audits of Binary Executables.\n  </a>\n  \n  \n  \n</span>\n\n  <span class=\"bibbase_paper_author\">\n  <a class=\"bibbase author link\" href=\"https://www.emre-gueler.de/\">Güler, E.</a>; Aschermann, C.; <a class=\"bibbase author link\" href=\"https://bibbase.org/show?bib=https://dblp.org/pid/73/2297-2.bib\">Abbasi, A.</a>;  and Holz, T.\n</span>\n\n  \n\n</span>\n\n  <i>Proceedings of the 28th USENIX Security Symposium</i>,1931–1947.  2019.\n  <span class=\"note\"></span>\n\n<span class=\"bibbase_note\"></span>\n\n<br class=\"bibbase_paper_content\"/>\n\n<span class=\"bibbase_paper_content dontprint\">\n\n  \n  <a href=\"https://www.usenix.org/system/files/sec19-guler.pdf\"\n     onclick=\"log_download('gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019', 'https://www.usenix.org/system/files/sec19-guler.pdf', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/pdf.svg\"\n\t     alt=\"AntiFuzz: Impeding Fuzzing Audits of Binary Executables [pdf]\"\n       title=\" paper\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> paper</span></a>\n  &nbsp;\n  \n  <a href=\"https://github.com/RUB-SysSec/antifuzz\"\n     onclick=\"log_download('gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019', 'https://github.com/RUB-SysSec/antifuzz', event.ctrlKey, event)\">\n    <img src=\"//bibbase.org/img/filetypes/link.svg\"\n\t     alt=\"AntiFuzz: Impeding Fuzzing Audits of Binary Executables [link]\"\n       title=\" github\"\n\t     class=\"bibbase_icon\"\n         ><span class=\"bibbase_icon_text\"> github</span></a>\n  &nbsp;\n  \n\n  \n\n  \n  <a href=\"//bibbase.org/network/publication/gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019\"\n     class=\"bibbase bibbase_page link\">link</a>\n  &nbsp;\n  \n\n  <a href=\"#\"\n     onclick=\"showBib(event); return false;\"\n     class=\"bibbase bibtex link\">bibtex\n    <i class=\"fa fa-caret-down\"></i></a>\n\n  \n  &nbsp;\n  <a class=\"bibbase_abstract_link bibbase link\"\n     href=\"#\"\n     onclick=\"showAbstract(event); return false;\">\n    abstract <i class=\"fa fa-caret-down\"></i></a>\n  \n\n  \n  &nbsp;\n  <span class=\"bibbase_stats_paper\" style=\"color: #777;\">\n    <span>196 downloads</span>\n  </span>\n  \n\n  <!-- <a class=\"bibbase read link hidden\" -->\n  <!--    href=\"javascript:toggleRead('gler-aschermann-abbasi-holz-antifuzzimpedingfuzzingauditsofbinaryexecutables-2019')\" -->\n  <!--    title=\"Marking this paper as read adds it to your library on BibBase.\" -->\n  <!--    > -->\n  <!--   <i class=\"fa fa-check\"></i>&nbsp; -->\n  <!--   <span>mark as read</span> -->\n  <!-- </a> -->\n\n  &nbsp;\n  \n  \n\n</span>\n\n<div class=\"well well-small bibbase\" data-type=\"bibtex\"\n     style=\"display:none\">\n  <pre style=\"white-space: pre-wrap;\">@article{antifuzz,\nabstract = {A general defense strategy in computer security is to increase the cost of successful attacks in both computational resources as well as human time. In the area of binary security, this is commonly done by using obfuscation methods to hinder reverse engineering and the search for software vulnerabilities. However, recent trends in automated bug finding changed the modus operandi. Nowadays it is very common for bugs to be found by various fuzzing tools. Due to ever-increasing amounts of automation and research on better fuzzing strategies, large-scale, dragnet-style fuzzing of many hundreds of targets becomes viable. As we show, current obfuscation techniques are aimed at increasing the cost of human understanding and do little to slow down fuzzing. In this paper, we introduce several techniques to protect a binary executable against an analysis with automated bug finding approaches that are based on fuzzing, symbolic/concolic execution, and taint-assisted fuzzing (commonly known as hybrid fuzzing). More specifically, we perform a systematic analysis of the fundamental assumptions of bug finding tools and develop general countermeasures for each assumption. Note that these techniques are not designed to target specific implementations of fuzzing tools, but address general assumptions that bug finding tools necessarily depend on. Our evaluation demonstrates that these techniques effectively impede fuzzing audits, while introducing a negligible performance overhead. Just as obfuscation techniques increase the amount of human labor needed to find a vulnerability, our techniques render automated fuzzing-based approaches futile.},\nauthor = {G{\\&quot;{u}}ler, Emre and Aschermann, Cornelius and Abbasi, Ali and Holz, Thorsten},\nisbn = {9781939133069},\njournal = {Proceedings of the 28th USENIX Security Symposium},\npages = {1931--1947},\ntitle = {{AntiFuzz: Impeding Fuzzing Audits of Binary Executables}},\nyear = {2019},\nurl_paper =    {https://www.usenix.org/system/files/sec19-guler.pdf},\nurl_github =     {https://github.com/RUB-SysSec/antifuzz}\n}\n\n</pre>\n</div>\n\n\n<div class=\"well well-small bibbase\" data-type=\"abstract\"\n     style=\"display:none\">\n  A general defense strategy in computer security is to increase the cost of successful attacks in both computational resources as well as human time. In the area of binary security, this is commonly done by using obfuscation methods to hinder reverse engineering and the search for software vulnerabilities. However, recent trends in automated bug finding changed the modus operandi. Nowadays it is very common for bugs to be found by various fuzzing tools. Due to ever-increasing amounts of automation and research on better fuzzing strategies, large-scale, dragnet-style fuzzing of many hundreds of targets becomes viable. As we show, current obfuscation techniques are aimed at increasing the cost of human understanding and do little to slow down fuzzing. In this paper, we introduce several techniques to protect a binary executable against an analysis with automated bug finding approaches that are based on fuzzing, symbolic/concolic execution, and taint-assisted fuzzing (commonly known as hybrid fuzzing). More specifically, we perform a systematic analysis of the fundamental assumptions of bug finding tools and develop general countermeasures for each assumption. Note that these techniques are not designed to target specific implementations of fuzzing tools, but address general assumptions that bug finding tools necessarily depend on. Our evaluation demonstrates that these techniques effectively impede fuzzing audits, while introducing a negligible performance overhead. Just as obfuscation techniques increase the amount of human labor needed to find a vulnerability, our techniques render automated fuzzing-based approaches futile.\n</div>\n\n\n</div>\n\n\n\n\n\n    </div>\n  </div>\n\n\n\n\n  </div>\n\n\n  <!-- Modal -->\n\n  <!-- <iframe id=\"bibbase_network_frame\" -->\n  <!--         src=\"//bibbase.org/network/control\" -->\n  <!--         style=\"display: none;\"> -->\n  <!-- </iframe> -->\n\n</div>\n"}; document.write(bibbase_data.data);