Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements in vulnerability discovery. This paper presents a summary of the recent advances, analyzes how they improve the fuzzing process, and sheds light on future work in fuzzing. Firstly, we discuss the reason why fuzzing is popular, by comparing different commonly used vulnerability discovery techniques. Then we present an overview of fuzzing solutions, and discuss in detail one of the most popular type of fuzzing, i.e., coverage-based fuzzing. Then we present other techniques that could make fuzzing process smarter and more efficient. Finally, we show some applications of fuzzing, and discuss new trends of fuzzing and potential future directions.

中文翻译：

---

模糊测试：一项调查

安全漏洞是网络安全威胁的根源之一。为了发现漏洞并提前修复，研究人员提出了几种技术，其中模糊测试是使用最广泛的一种。近年来，像 AFL 这样的模糊测试解决方案在漏洞发现方面取得了很大的进步。本文总结了最新进展，分析了它们如何改进模糊测试过程，并阐明了模糊测试的未来工作。首先，我们通过比较不同的常用漏洞发现技术来讨论模糊测试流行的原因。然后我们概述了模糊测试解决方案，并详细讨论了最流行的模糊测试类型之一，即基于覆盖的模糊测试。然后我们介绍了其他可以使模糊测试过程更智能、更高效的技术。最后，