ISSTA 2025
Wed 25 - Sat 28 June 2025 Trondheim, Norway
co-located with FSE 2025
Wed 25 Jun 2025 16:25 - 16:50 at Cosmos 3A - Fuzzing and Concolic Chair(s): Shiyi Wei

Parallel fuzzing, which utilizes multicore computers to accelerate the fuzzing process, has been widely used in industrial-scale software defect detection. However, specifying efficient parallel fuzzing strategies for programs with different characteristics is challenging due to the difficulty of reasoning about fuzzing runtime statically. Existing efforts still use pre-defined tactics for various programs, resulting in suboptimal performance.

In this paper, we propose Kraken, a new program-adaptive parallel fuzzer that improves fuzzing efficiency through dynamic strategy optimization. The key insight is that inefficiency in parallel fuzzing can be observed at runtime through various feedback signals, such as code coverage changes, which allows us to adjust the adopted strategy to avoid inefficient path searching, thus gradually approximating the optimal policy. Based on this insight, our key idea is to view the task of finding the optimal strategy as an optimization problem and to gradually approach the best program-specific strategy on the fly by maximizing certain objective functions. We have implemented Kraken in C/C++ and evaluated it on 19 real-world programs against 6 state-of-the-art parallel fuzzers. Experimental results show that Kraken can achieve 54.7% more code coverage and find 70.2% more bugs in the given time. Moreover, Kraken has found 192 bugs in 37 popular open-source projects, and 119 of them have been assigned CVE IDs.

Wed 25 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna

16:00 - 17:15
Fuzzing and Concolic - Research Papers at Cosmos 3A
Chair(s): Shiyi Wei University of Texas at Dallas
16:00
25m
Talk
xFUZZ: A Flexible Framework for Fine-Grained, Runtime-Adaptive Fuzzing Strategy Composition
Research Papers
DongSong Yu Zhongguancun Laboratory, Yiyi Wang Tsinghua University, Huazhong University of Science and Technology, Chao Zhang Tsinghua University, Yang Lan, Zhiyuan Jiang National University of Defense Technology, Shuitao Gan Laboratory for Advanced Computing and Intelligence Engineering, Zheyu Ma Tsinghua University, Wende Tan Tsinghua University
16:25
25m
Talk
KRAKEN: Program-Adaptive Parallel Fuzzing
Research Papers
Anshunkang Zhou Hong Kong University of Science and Technology, Heqing Huang City University of Hong Kong, Charles Zhang Hong Kong University of Science and Technology
16:50
25m
Talk
Quantum Concolic Testing
Research Papers
Shangzhou Xia Kyushu University, Jianjun Zhao Kyushu University, Fuyuan Zhang Kyushu University, Xiaoyu Guo Kyushu University

Information for Participants
Wed 25 Jun 2025 16:00 - 17:15 at Cosmos 3A - Fuzzing and Concolic Chair(s): Shiyi Wei
Info for room Cosmos 3A:

Cosmos 3A is the first room in the Cosmos 3 wing.

When facing the main Cosmos Hall, access to the Cosmos 3 wing is on the left, close to the stairs. The area is accessed through a large door with the number “3”, which will stay open during the event.
