{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,11]],"date-time":"2026-04-11T02:12:58Z","timestamp":1775873578145,"version":"3.50.1"},"reference-count":67,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,5]]},"DOI":"10.1109\/sp.2017.27","type":"proceedings-article","created":{"date-parts":[[2017,6,26]],"date-time":"2017-06-26T16:34:26Z","timestamp":1498494866000},"page":"615-632","source":"Crossref","is-referenced-by-count":82,"title":["NEZHA: Efficient Domain-Independent Differential Testing"],"prefix":"10.1109","author":[{"given":"Theofilos","family":"Petsios","sequence":"first","affiliation":[]},{"given":"Adrian","family":"Tang","sequence":"additional","affiliation":[]},{"given":"Salvatore","family":"Stolfo","sequence":"additional","affiliation":[]},{"given":"Angelos D.","family":"Keromytis","sequence":"additional","affiliation":[]},{"given":"Suman","family":"Jana","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.21236\/ADA610472"},{"key":"ref38","first-page":"445","article-title":"Fuzzing with code fragments","author":"holler","year":"2012","journal-title":"21st USENIX Security Symposium (USENIX Security 2012)"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/2786805.2786835"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1145\/2908080.2908095"},{"key":"ref30","first-page":"3","article-title":"N-version programming: A fault-tolerance approach to reliability of software operation","author":"chen","year":"1978","journal-title":"Digest of Papers FTCS-8 Eighth Annual International Conference on Fault Tolerant Computing"},{"key":"ref37","first-page":"49","article-title":"Dowsing for overflows: A guided fuzzer to find buffer boundary violations","author":"haller","year":"2013","journal-title":"22nd USENIX Security Symposium (USENIX Security'13) USENIX"},{"key":"ref36","first-page":"151","article-title":"Automated whitebox fuzz testing","volume":"8","author":"godefroid","year":"2008","journal-title":"Proceedings of the 2008 Network and Distributed Systems Symposium (NDSS)"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1145\/1065010.1065036"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1145\/1375581.1375607"},{"key":"ref60","first-page":"46","article-title":"Memorysanitizer: fast detector of uninitialized memory use in C++","author":"stepanov","year":"2015","journal-title":"Proceedings of the 13th Annual IEEE\/ACM International Symposium on Code Generation and Optimization (CGO)"},{"key":"ref62","article-title":"The. xz File Format","year":"2009","journal-title":"Tool Interface Standards"},{"key":"ref61","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2016.23368","article-title":"Driller: Augmenting fuzzing through selective symbolic execution","author":"stephens","year":"2016","journal-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS)"},{"key":"ref63","article-title":"Executable and Linking Format (ELF) specification","year":"1995","journal-title":"Tool Interface Standards"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.50"},{"key":"ref64","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23115"},{"key":"ref27","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1007\/11537328_2","article-title":"Execution generated test cases: How to make systems code crash itself","author":"cadar","year":"2005","journal-title":"10th Int SPIN Workshop on Model Checking Software"},{"key":"ref65","doi-asserted-by":"publisher","DOI":"10.1145\/1993498.1993532"},{"key":"ref66","author":"zalewski","year":"0","journal-title":"American Fuzzy Lop"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046737"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48166-4_16"},{"key":"ref2","year":"0","journal-title":"Ioactive_elf_parsing_with_melkor pdf"},{"key":"ref1","year":"0","journal-title":"Executable and Linkable Format (ELF)"},{"key":"ref20","year":"2016","journal-title":"The Transport Layer Security (TLS) Protocol Version 1 3"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1145\/3062341.3062349"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978383"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.15"},{"key":"ref23","first-page":"1","article-title":"Coverage-based grey-box fuzzing as markov chain","author":"b\u00f6hme","year":"2016","journal-title":"Proceedings of the 23rd ACM Conference on Computerand Communications Security (CCS)"},{"key":"ref26","first-page":"209","article-title":"Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs","volume":"8","author":"cadar","year":"2008","journal-title":"Second USENIX Symposium on Operating Systems Design and Implementation (OSDI)"},{"key":"ref25","article-title":"Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation","author":"brumley","year":"2007","journal-title":"Proc of the 16th USENIX Security Symposium (USENIX SECURITY-07)"},{"key":"ref50","doi-asserted-by":"publisher","DOI":"10.1109\/52.56422"},{"key":"ref51","first-page":"100","article-title":"Differential testing for software","volume":"10","author":"mckeeman","year":"1998","journal-title":"Digital Technical Journal"},{"key":"ref59","doi-asserted-by":"publisher","DOI":"10.1145\/1993316.1993539"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/331960.331965"},{"key":"ref57","first-page":"309","article-title":"Addresssanitizer: a fast address sanity checker","author":"serebryany","year":"2012","journal-title":"Proceedings of the USENIX Annual Technical Conference(USENIX ATC'2012) 2012"},{"key":"ref56","author":"ruderman","year":"0","journal-title":"Introducing Jsfunfuzz"},{"key":"ref55","doi-asserted-by":"crossref","DOI":"10.14722\/ndss.2017.23404","article-title":"Vuzzer: Application-aware evolutionary fuzzing","author":"rawat","year":"2017","journal-title":"Proceedings of the Network and Distributed System Security Symposium (NDSS)"},{"key":"ref54","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-22110-1_55"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1099-1689(199912)9:4<263::AID-STVR190>3.0.CO;2-Y"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/96267.96279"},{"key":"ref10","year":"1999","journal-title":"Internet X 509 public key infrastructure certificate policy and certification practices framework"},{"key":"ref11","year":"1999","journal-title":"The TLS Protocol Version 1 0"},{"key":"ref40","article-title":"Automatically Detecting Error Handling Bugs using Error Specifications","author":"jana","year":"2016","journal-title":"USENIX Security Symposium (USENIX Security)"},{"key":"ref12","year":"2000","journal-title":"HTTP over TLS"},{"key":"ref13","year":"2001","journal-title":"System V Application Binary Interface"},{"key":"ref14","year":"2006","journal-title":"The transport layer security (TLS) protocol version 1 1"},{"key":"ref15","year":"2008","journal-title":"Internet X 509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile"},{"key":"ref16","year":"2008","journal-title":"The Transport Layer Security (TLS) Protocol Version 1 2"},{"key":"ref17","year":"2011","journal-title":"Representation and Verification of Domain-based Application Service Identity Within Internet Public Key Infrastructure Using X 509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)"},{"key":"ref18","year":"2011","journal-title":"The Secure Sockets Layer (SSL) Protocol Version 3 0"},{"key":"ref19","year":"2015","journal-title":"XZ Utils"},{"key":"ref4","year":"0","journal-title":"libFuzzer-a library for coverage-guided fuzz testing-LLVM 3 9 documentation"},{"key":"ref3","year":"0","journal-title":"Isartor test suite (terms of use & download)-pdf association"},{"key":"ref6","year":"0","journal-title":"Santizercoverage-Clang 4 0 documentation"},{"key":"ref5","year":"0","journal-title":"Nezha (chinese protection god)"},{"key":"ref8","year":"0","journal-title":"Undefined behavior sanitizer-Clang 4 0 documentation"},{"key":"ref7","year":"0","journal-title":"The EFF SSL Observatory"},{"key":"ref49","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2001.989787"},{"key":"ref9","year":"0","journal-title":"Virusshare com"},{"key":"ref46","first-page":"197","article-title":"Practical evasion of a learning-based classifier: A case study","author":"laskov","year":"2014","journal-title":"Proceedings of the 2014 IEEE Symposium on Security and Privacy (S&P)"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2006.06.015"},{"key":"ref48","article-title":"An interpretation of purdom's algorithm for automatic generation of test cases","author":"malloy","year":"2001","journal-title":"International conference on computer and information science"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/2814270.2814319"},{"key":"ref42","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970354"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.15"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1986.6312924"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1145\/360248.360252"}],"event":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","location":"San Jose, CA, USA","start":{"date-parts":[[2017,5,22]]},"end":{"date-parts":[[2017,5,26]]}},"container-title":["2017 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7957740\/7958557\/07958601.pdf?arnumber=7958601","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,26]],"date-time":"2019-09-26T23:46:09Z","timestamp":1569541569000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7958601\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5]]},"references-count":67,"URL":"https:\/\/doi.org\/10.1109\/sp.2017.27","relation":{},"subject":[],"published":{"date-parts":[[2017,5]]}}}