June 20, 10:00-17:00, 2024 at the Vrije Universiteit, Amsterdam.
This workshop is aimed at researchers and practioners from the Netherlands working on fuzzing or other automated - dynamic or static - techniques to find, fix or exploit security vulnerabilities in code. As the goal is to create some collaboration and synergy, there will plenty of time for discussion and informal chats over coffee, lunch and drinks.
Presentations can
This workshop is organised by the ACCSS working group on Software Security as part of the INTERSCT project, where it is of interest for research into quality assurance in WP2 and the study of attacks in WP4. Some of the researchers involved also participate in the AVR (Automated Vulnerability Research) project of dcypher.
Information (incl. slides) of the 2023 workshop are here.10:55 - 11:00 Opening
11:00 - 11:30 A Dataset for Validating Firmware Testing Tools, Timon Heuwekemeijer and Sjors Van den Elzen (Secura)
11:30 - 12:00 Fuzzing in CI/CD pipelines, Fatih Turkmen (RUG)
12:00 - 12:30 How floating point additions can detect memory errors, Floris Gorter (VU)
12:30 - 13:15 Lunch (on location)
13:15 - 13:45 Pre-Silicon Hardware Fuzzing, Alvise de Faveri Tron (VU)
13:45 - 14:15 Web application fuzzing: a survey, I Putu Arya Dharmaadi (RUG)
14:15 - 14:45 MoreFixes: the largest CVE dataset with fixes, Jafar Akhoundali (UL)
14:30 - 14:45 Coffee
14:45 - 15:15 Non-invasive Characterization of Out-Of-Bounds Write Vulnerabilities, Jerre Starink (UT)
15:15 - 15:45 Fast stateful fuzzing with libafl*, Timme Bethe (UT) and Cristian Daniele (RU)
15:45 - 16:15 Using Large Language Models for Fuzzing Seed Generation, Raphael Isemann (VU)
16:15 - 17:00 Drinks