The 2nd International Fuzzing Workshop (FUZZING) 2023 welcomes all researchers, scientists, engineers and practitioners to present their latest research findings, empirical analyses, techniques, and applications in the area of fuzzing and software testing for automated bug finding. The workshop will be organized as Phase 1 in a 2-phase preregistration-based publication process. All research papers will be peer-reviewed on the basis of a full-length preregistered report, and acceptance will be based on (i) the significance and novelty of the hypotheses or techniques, and (ii) the soundness and reproducibility of the methodology specified to validate the claims or hypotheses – but explicitly not based on the strength of the (preliminary) results. The workshop solicits registered reports drafts. These drafts will be reviewed by the workshop PC, and accepted drafts made available to all participants. These drafts will be presented and discussed in detail at the workshop, in order for the authors to receive constructive feedback. After incorporating this feedback, the authors can submit final versions of the registered reports for review. Accepted will be invited as TOSEM Registered Papers (where we guarantee the same set of reviewers). FUZZING 2023 will include a keynote address by an eminent scientist, a technical session, and interactive discussions among researchers and practitioners.
Please visit our website for more information: https://fuzzingworkshop.github.io
Mon 17 JulDisplayed time zone: Pacific Time (US & Canada) change
08:00 - 08:30 | |||
08:00 30mCoffee break | Break ECOOP and ISSTA Catering | ||
08:30 - 10:00 | |||
09:00 15mDay opening | Welcome and Introductions FUZZING | ||
09:15 45mKeynote | Three Colours of Fuzzing: Reflections and Open Challenges FUZZING | ||
10:00 - 10:30 | |||
10:00 30mCoffee break | Break ECOOP and ISSTA Catering | ||
10:30 - 12:00 | |||
10:30 60mPanel | Fishbowl Conversation FUZZING | ||
11:30 30mTalk | Reflections on preregistration-based publication model FUZZING | ||
12:00 - 13:30 | |||
12:00 90mLunch | Lunch ECOOP and ISSTA Catering | ||
13:30 - 15:00 | |||
13:30 45mKeynote | Rich coverage signal and the consequences for scaling FUZZING | ||
14:15 15mPaper | Large Language Models for Fuzzing Parsers FUZZING | ||
14:30 15mPaper | Novelty not Found: Adaptive Fuzzer Restarts to Improve Input Space Coverage FUZZING Nico Schiller CISPA Helmholtz Center for Information Security, Xinyi Xu CISPA Helmholtz Center for Information Security, Lukas Bernhard CISPA Helmholtz Center for Information Security, Nils Bars CISPA Helmholtz Center for Information Security, Moritz Schloegel CISPA, Germany, Thorsten Holz CISPA Helmholtz Center for Information Security | ||
14:45 15mPaper | Grammar Mutation for Testing Input Parsers FUZZING Bachir Bendrissou Imperial College London, Cristian Cadar Imperial College London, Alastair F. Donaldson Imperial College London | ||
15:00 - 15:30 | |||
15:00 30mCoffee break | Break ECOOP and ISSTA Catering | ||
15:30 - 17:00 | |||
15:30 15mPaper | CrabSandwich: Fuzzing Rust with Rust FUZZING Addison Crump CISPA Helmholtz Center for Information Security, Dongjia Zhang EURECOM, Syeda Mahnur Asif CISPA Helmholtz Center for Information Security, Dominik Maier TU Berlin, Andrea Fioraldi EURECOM, Thorsten Holz CISPA Helmholtz Center for Information Security, Davide Balzarotti EURECOM | ||
15:45 15mPaper | Beyond The Coverage Plateau - A Comprehensive Study of Fuzz Blockers FUZZING Wentao Gao , Thuan Pham The University of Melbourne, Dongge Liu , Oliver Chang Google, Toby Murray University of Melbourne, Benjamin I.P. Rubinstein University of Melbourne | ||
16:00 15mPaper | DiPri: Distance-based Seed Prioritization for Greybox Fuzzing FUZZING Ruixiang Qian State Key Laboratory for Novel Software Technology, Nanjing University, Quanjun Zhang Nanjing University, Chunrong Fang Nanjing University, Zhenyu Chen Nanjing University | ||
16:15 15mPaper | InFuzz: An Interactive Tool for Enhancing Efficiency in Fuzzing through Visual Bottleneck Analysis FUZZING Qian Yan National Key Laboratory of Science and Technology on Information System Security, Minhuan Huang National Key Laboratory of Science and Technology on Information System Security, Huayang Cao National Key Laboratory of Science and Technology on Information System Security, Shuaibing Lu Academy of Military Sciences | ||
16:30 15mPaper | Multi-phase Parallel Fuzzer FUZZING Taotao Gu Academy of Military Sciences, Tong Wang National Key Laboratory of Science and Technology on Information System Security, Xiang Li Academy of Military Sciences, Shuaibing Lu Academy of Military Sciences, Yuanping Nie Academy of Military Sciences, Zhaowei Zhang National Key Laboratory of Science and Technology on Information System Security, Xiaohui Kuang Academy of Military Sciences, Gang Zhao National Key Laboratory of Science and Technology on Information System Security | ||
16:45 15mDay closing | Concluding Remarks FUZZING | ||
Accepted Papers
Sang Kil Cha
KAIST, South Korea
South Korea
Karine Even-Mendoza
King’s College London
United Kingdom
Ben Hermann
TU Dortmund
Germany
Renáta Hodován
University of Szeged, Hungary
Hungary
Byoungyoung Lee
Seoul National University, South Korea
Dominik Maier
Google
Martin Nowack
Imperial College London
United Kingdom
Rohan Padhye
Carnegie Mellon University
United States
Mathias Payer
EPFL
Switzerland
Van-Thuan Pham
Monash University
Australia
Moritz Schloegel
CISPA, Germany
Ridwan Salihin Shariffdeen
National University of Singapore
Singapore
Jun Xu
The University of Utah
Andreas Zeller
CISPA Helmholtz Center for Information Security
Germany
Chengyu Zhang
ETH Zurich
Switzerland
Qian Zhang
University of California, Riverside
United States