The 3rd International Fuzzing Workshop (FUZZING) 2024 welcomes all researchers, scientists, engineers and practitioners to present their latest research findings, empirical analyses, techniques, and applications in the area of fuzzing and software testing for automated bug finding. The workshop will be organized as Phase 1 in a 2-phase preregistration-based publication process. All research papers will be peer-reviewed on the basis of a full-length preregistered report, and acceptance will be based on (i) the significance and novelty of the hypotheses or techniques, and (ii) the soundness and reproducibility of the methodology specified to validate the claims or hypotheses – but explicitly not based on the strength of the (preliminary) results. The workshop solicits registered reports drafts. These drafts will be reviewed by the workshop PC, and accepted drafts made available to all participants. These drafts will be presented and discussed in detail at the workshop, in order for the authors to receive constructive feedback. After incorporating this feedback, the authors can submit final versions of the registered reports for review. Accepted will be invited as TOSEM Registered Papers (where we guarantee the same set of reviewers). FUZZING 2024 will include a keynote address by an eminent scientist, a technical session, and interactive discussions among researchers and practitioners.
Please visit our website for more information: https://fuzzingworkshop.github.io
Mon 16 SepDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
08:00 - 08:30 | |||
09:00 - 10:00 | |||
09:00 15mDay opening | Opening and Welcome FUZZING | ||
09:15 45mKeynote | [Keynote] Reasons for the Unreasonable Success of Fuzzing FUZZING | ||
10:00 - 10:30 | |||
10:30 - 12:00 | |||
10:30 15mTalk | Directed or Undirected: Investigating Fuzzing Strategies in a CI/CD Setup FUZZING | ||
10:45 15mTalk | Effective Fuzzing within CI/CD Pipelines FUZZING Arindam Sharma Imperial College London, UK, Cristian Cadar Imperial College London, Jonathan Metzman Google | ||
11:00 15mTalk | Automated Feature Testing of Verilog Parsers using Fuzzing FUZZING Quentin Corradi Imperial College London, John Wickerson Imperial College London, George A. Constantinides Imperial College London, UK | ||
11:15 15mTalk | WebAssembly as a Fuzzing Compilation Target FUZZING Florian Bauckholt CISPA Helmholtz Center for Information Security, Thorsten Holz CISPA Helmholtz Center for Information Security | ||
11:30 15mTalk | Visualization Task Taxonomy to Understand the Fuzzing Internals FUZZING Sriteja Kummita Fraunhofer IEM, Miao Miao The University of Texas at Dallas, Eric Bodden Heinz Nixdorf Institut, Paderborn University and Fraunhofer IEM, Shiyi Wei University of Texas at Dallas | ||
12:00 - 13:30 | |||
13:30 - 15:00 | |||
13:30 45mKeynote | [Keynote] Is "AI" useful for fuzzing? FUZZING | ||
14:15 45mLive Q&A | Discussion: LLMs and Fuzzing for Bug Finding FUZZING | ||
15:00 - 15:30 | |||
15:30 - 17:00 | |||
15:30 15mTalk | Sparse Symbolic Loop Execution FUZZING Frank Busse Imperial College London, Martin Nowack Imperial College London, Cristian Cadar Imperial College London | ||
15:45 15mTalk | LOOL: Low-Overhead, Optimization-Log-Guided Compiler Fuzzing FUZZING Florian Schwarcz Johannes Kepler University Linz, Felix Berlakovich μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Gergö Barany Oracle Labs, Hanspeter Mössenböck JKU Linz | ||
16:00 15mTalk | The Havoc Paradox in Generator-Based Fuzzing FUZZING Ao Li Carnegie Mellon University, Madonna Huang University of British Columbia, Caroline Lemieux University of British Columbia, Rohan Padhye Carnegie Mellon University | ||
16:15 15mTalk | Understanding and Improving Coverage Tracking with AFL++ FUZZING Vasil Sarafov μCSRL, CODE Research Institute, University of the Bundeswehr Munich, David Markvica μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Felix Berlakovich μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Matthias Bernad μCSRL, CODE Research Institute, University of the Bundeswehr Munich, Stefan Brunthaler μCSRL, CODE Research Institute, University of the Bundeswehr Munich | ||
16:30 30mDay closing | Concluding Remarks FUZZING | ||
Accepted Papers
Cornelius Aschermann
Meta
United States
Cristian Cadar
Imperial College London
United Kingdom
Sang Kil Cha
KAIST
South Korea
Alastair F. Donaldson
Imperial College London
United Kingdom
Gregory J. Duck
National University of Singapore
Singapore
Karine Even-Mendoza
King’s College London
United Kingdom
Rahul Gopinath
University of Sydney
Australia
Ben Hermann
TU Dortmund
Germany
Renáta Hodován
University of Szeged, Hungary
Hungary
Christian Holler
Mozilla Corporation
Germany
Byoungyoung Lee
Seoul National University, South Korea
Seongmin Lee
Max Planck Institute for Security and Privacy (MPI-SP)
Germany
Caroline Lemieux
University of British Columbia
Canada
Stephan Lipp
TU Munich
Germany
Michaël Marcozzi
Université Paris-Saclay, CEA, List
France
Stefan Nagy
Martin Nowack
Imperial College London
United Kingdom
Rohan Padhye
Carnegie Mellon University
United States
Moritz Schloegel
CISPA, Germany
Flavio Toffalini
Singapore University of Technology and Design
Singapore
Jun Xu
The University of Utah
Chengyu Zhang
ETH Zurich
Switzerland
Qian Zhang
University of California at Riverside
United States