Fuzzing: Progress, Challenges, and Perspectives.

As one of the most effective techniques for finding software vulnerabilities, fuzzing has become a hot topic in software security. It feeds potentially syntactically or semantically malformed test data to a target program to mine vulnerabilities and crash the system. In recent years, considerable efforts have been dedicated by researchers and practitioners towards improving fuzzing, so there aremore and more methods and forms, whichmake it difficult to have a comprehensive understanding of the technique. This paper conducts a thorough survey of fuzzing, focusing on its general process, classification, common application scenarios, and some state-of-the-art techniques that have been introduced to improve its performance. Finally, this paper puts forward key research challenges and proposes possible future research directions that may provide new insights for researchers. [ABSTRACT FROM AUTHOR]