InsightQL: Advancing Human-Assisted Fuzzing with a Unified Code Database and Parameterized Query Interface
- URL: http://arxiv.org/abs/2510.04835v1
- Date: Mon, 06 Oct 2025 14:18:35 GMT
- Title: InsightQL: Advancing Human-Assisted Fuzzing with a Unified Code Database and Parameterized Query Interface
- Authors: Wentao Gao, Renata Borovica-Gajic, Sang Kil Cha, Tian Qiu, Van-Thuan Pham
- Abstract summary: InsightQL is the first human-assisting framework for fuzz blocker analysis. Powered by a unified database and an intuitive parameterized query interface, InsightQL aids developers in systematically extracting insights. Our experiments on 14 popular real-world libraries from the FuzzBench benchmark demonstrate the effectiveness of InsightQL.
- Score: 8.846926306547646
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Fuzzing is a highly effective automated testing method for uncovering software vulnerabilities. Despite advances in fuzzing techniques, such as coverage-guided greybox fuzzing, many fuzzers struggle with coverage plateaus caused by fuzz blockers, limiting their ability to find deeper vulnerabilities. Human expertise can address these challenges, but analyzing fuzzing results to guide this support remains labor-intensive. To tackle this, we introduce InsightQL, the first human-assisting framework for fuzz blocker analysis. Powered by a unified database and an intuitive parameterized query interface, InsightQL aids developers in systematically extracting insights and efficiently unblocking fuzz blockers. Our experiments on 14 popular real-world libraries from the FuzzBench benchmark demonstrate the effectiveness of InsightQL, leading to the unblocking of many fuzz blockers and considerable improvements in code coverage (up to 13.90%).
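The abstract describes the idea only at a high level: fuzzer output and program structure are loaded into one database, and developers interrogate it through parameterized queries to locate the fuzz blockers behind a coverage plateau. The following example, added here and not InsightQL's own code or schema, shows that idea in miniature with SQLite: a constructed control-flow graph with per-block hit counts, a recursive query that finds edges whose source block executed but whose target never did, ranks each such edge by how many uncovered blocks it hides, and takes the function filter and minimum-size threshold as bound parameters. The table names, columns, ranking metric and sample data are all assumptions made for illustration.

```python
import sqlite3

# Constructed sample data (not from the paper): basic blocks with the hit
# counts a coverage-guided fuzzer would report, and the CFG edges between
# them with the branch condition guarding each edge.
BLOCKS = [
    # (block_id, function, hits)
    (1, "parse_header", 100),
    (2, "parse_header", 95),    # magic matched
    (3, "parse_header", 5),     # magic mismatch, early return
    (4, "parse_header", 0),     # checksum matched: never reached
    (5, "parse_header", 95),    # checksum mismatch
    (6, "parse_header", 0),
    (7, "parse_header", 0),
    (8, "parse_header", 0),
    (10, "decode_payload", 50),
    (11, "decode_payload", 50),
    (12, "decode_payload", 0),  # large-payload path: never reached
    (13, "decode_payload", 0),
]

EDGES = [
    # (src_block, dst_block, guard)
    (1, 2, "magic == 0x4D5A"),
    (1, 3, "magic != 0x4D5A"),
    (2, 4, "crc32(buf) == hdr.crc"),
    (2, 5, "crc32(buf) != hdr.crc"),
    (4, 6, ""),
    (6, 7, "hdr.flags & EXT"),
    (6, 8, "!(hdr.flags & EXT)"),
    (7, 6, "loop back-edge"),   # cycle: the query must not recurse forever
    (10, 11, "len <= 64"),
    (10, 12, "len > 64"),
    (12, 13, ""),
]

# Parameterized blocker query. :func and :min_unreached are bound at run
# time; nothing from the caller is ever spliced into the SQL text.
BLOCKER_QUERY = """
WITH RECURSIVE
  -- frontier: edges whose source ran but whose target never did
  frontier(src, dst, guard) AS (
    SELECT e.src, e.dst, e.guard
    FROM edges e
    JOIN blocks s ON s.id = e.src
    JOIN blocks d ON d.id = e.dst
    WHERE s.hits > 0 AND d.hits = 0
  ),
  -- shadow: every uncovered block reachable from a frontier target
  -- through uncovered blocks only (UNION deduplicates, so cycles terminate)
  shadow(root, block) AS (
    SELECT dst, dst FROM frontier
    UNION
    SELECT sh.root, e.dst
    FROM shadow sh
    JOIN edges e ON e.src = sh.block
    JOIN blocks b ON b.id = e.dst
    WHERE b.hits = 0
  )
SELECT f.src, f.dst, f.guard, b.func, COUNT(DISTINCT sh.block) AS unreached
FROM frontier f
JOIN blocks b ON b.id = f.src
JOIN shadow sh ON sh.root = f.dst
WHERE (:func IS NULL OR b.func = :func)
GROUP BY f.src, f.dst, f.guard, b.func
HAVING COUNT(DISTINCT sh.block) >= :min_unreached
ORDER BY unreached DESC, f.src, f.dst
"""


def build_db(blocks=BLOCKS, edges=EDGES):
    """Load the constructed coverage data into an in-memory SQLite database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE blocks (id INTEGER PRIMARY KEY, func TEXT NOT NULL, hits INTEGER NOT NULL);
        CREATE TABLE edges  (src INTEGER NOT NULL, dst INTEGER NOT NULL, guard TEXT NOT NULL,
                             FOREIGN KEY (src) REFERENCES blocks(id),
                             FOREIGN KEY (dst) REFERENCES blocks(id));
    """)
    conn.executemany("INSERT INTO blocks VALUES (?, ?, ?)", blocks)
    conn.executemany("INSERT INTO edges VALUES (?, ?, ?)", edges)
    conn.commit()
    return conn


def find_blockers(conn, func=None, min_unreached=1):
    """Run the parameterized blocker query and return one dict per blocking
    edge, ordered by how much uncovered code the edge hides, largest first."""
    rows = conn.execute(BLOCKER_QUERY, {"func": func, "min_unreached": min_unreached})
    return [
        {"src": r[0], "dst": r[1], "guard": r[2], "func": r[3], "unreached": r[4]}
        for r in rows
    ]


if __name__ == "__main__":
    db = build_db()
    for b in find_blockers(db):
        print(f"{b['func']}: block {b['src']} -> {b['dst']} guarded by "
              f"'{b['guard']}' hides {b['unreached']} uncovered block(s)")
```

On the sample data the checksum comparison in parse_header ranks first (four blocks behind it), and the large-payload branch in decode_payload second. Two points matter if such an interface is exposed to a UI: the filters are bound through sqlite3 placeholders rather than formatted into the query string, so a function name typed by a user cannot alter the SQL, and the recursive part uses UNION rather than UNION ALL, so the 7 -> 6 back-edge is visited once and the query terminates on cyclic graphs.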
Related papers
- Enhancing Fuzz Testing Efficiency through Automated Fuzz Target Generation [0.0]
We introduce an approach to improving fuzz target generation through static analysis of library source code. Our findings are demonstrated through the application of this approach to the generation of fuzz targets for C/C++ libraries.
arXiv Detail & Related papers (2026-01-17T09:08:11Z)
- Intelligent Graybox Fuzzing via ATPG-Guided Seed Generation and Submodule Analysis [5.029193774082768]
Hardware fuzzing is one of the crucial techniques for finding security flaws in modern hardware designs. Coverage-Guided Fuzzing (CGF) methods help explore designs more effectively, but they struggle to focus on specific parts of the hardware. Existing Directed Gray-box Fuzzing (DGF) techniques like DirectFuzz try to solve this by generating targeted tests. We introduce a novel framework, PROFUZZ, that follows the DGF approach and combines fuzzing with Automatic Test Pattern Generation (ATPG) for more efficient fuzzing.
arXiv Detail & Related papers (2025-09-25T06:46:19Z)
- LLAMA: Multi-Feedback Smart Contract Fuzzing Framework with LLM-Guided Seed Generation [56.84049855266145]
We propose a Multi-feedback Smart Contract Fuzzing framework (LLAMA) that integrates evolutionary mutation strategies and hybrid testing techniques. LLAMA achieves 91% instruction coverage and 90% branch coverage, while detecting 132 out of 148 known vulnerabilities. These results highlight LLAMA's effectiveness, adaptability, and practicality in real-world smart contract security testing scenarios.
arXiv Detail & Related papers (2025-07-16T09:46:58Z)
- Decompiling Smart Contracts with a Large Language Model [51.49197239479266]
Despite 78,047,845 smart contracts deployed on Etherscan (as of May 26, 2025), a mere 767,520 (about 1%) are open source. This opacity necessitates the automated semantic analysis of on-chain smart contract bytecode. We introduce a pioneering decompilation pipeline that transforms bytecode into human-readable and semantically faithful Solidity code.
arXiv Detail & Related papers (2025-06-24T13:42:59Z)
- Are You Getting What You Pay For? Auditing Model Substitution in LLM APIs [71.7892165868749]
Commercial Large Language Model (LLM) APIs create a fundamental trust problem. Users pay for specific models but have no guarantee that providers deliver them faithfully. We formalize this model substitution problem and evaluate detection methods under realistic adversarial conditions. We propose and evaluate the use of Trusted Execution Environments (TEEs) as one practical and robust solution.
arXiv Detail & Related papers (2025-04-07T03:57:41Z)
- Document Screenshot Retrievers are Vulnerable to Pixel Poisoning Attacks [72.4498910775871]
Vision-language model (VLM)-based retrievers leverage document screenshots embedded as vectors to enable effective search and offer a simplified pipeline over traditional text-only methods. In this study, we propose three pixel poisoning attack methods designed to compromise VLM-based retrievers.
arXiv Detail & Related papers (2025-01-28T12:40:37Z)
- Your Fix Is My Exploit: Enabling Comprehensive DL Library API Fuzzing with Large Language Models [49.214291813478695]
Deep learning (DL) libraries, widely used in AI applications, often contain vulnerabilities like buffer overflows and use-after-free errors. Traditional fuzzing struggles with the complexity and API diversity of DL libraries. We propose DFUZZ, an LLM-driven fuzzing approach for DL libraries.
arXiv Detail & Related papers (2025-01-08T07:07:22Z)
- CKGFuzzer: LLM-Based Fuzz Driver Generation Enhanced By Code Knowledge Graph [29.490817477791357]
We propose an automated fuzz testing method driven by a code knowledge graph and powered by an intelligent agent system. The code knowledge graph is constructed through interprocedural program analysis, where each node in the graph represents a code entity. CKGFuzzer achieved an average improvement of 8.73% in code coverage compared to state-of-the-art techniques.
arXiv Detail & Related papers (2024-11-18T12:41:16Z)
- FuzzEval: Assessing Fuzzers on Generating Context-Sensitive Inputs [0.0]
This paper presents a comprehensive evaluation of fuzzers' ability to generate context-sensitive inputs for testing a cryptographic standard.
Our study reveals nuanced performance differences among the fuzzers in terms of the validity and diversity of the produced inputs.
arXiv Detail & Related papers (2024-09-18T21:55:53Z)
- FuzzCoder: Byte-level Fuzzing Test via Large Language Model [46.18191648883695]
We propose to adopt fine-tuned large language models (FuzzCoder) to learn patterns in the input files from successful attacks.
FuzzCoder can predict mutation locations and strategies in input files to trigger abnormal behaviors of the program.
arXiv Detail & Related papers (2024-09-03T14:40:31Z)
- Corpus Poisoning via Approximate Greedy Gradient Descent [48.5847914481222]
We propose Approximate Greedy Gradient Descent, a new attack on dense retrieval systems based on the widely used HotFlip method for generating adversarial passages.
We show that our method achieves a high attack success rate on several datasets and using several retrievers, and can generalize to unseen queries and new domains.
arXiv Detail & Related papers (2024-06-07T17:02:35Z)
- Vulnerability Detection Through an Adversarial Fuzzing Algorithm [2.074079789045646]
This project aims to increase the efficiency of existing fuzzers by allowing fuzzers to explore more paths and find more bugs in shorter amounts of time.
Adversarial methods are built on top of current evolutionary algorithms to generate test cases for further and more efficient fuzzing.
arXiv Detail & Related papers (2023-07-21T21:46:28Z)
This list is automatically generated from the titles and abstracts of the papers in this site.