Fuzzing is the primary tool for identifying vulnerabilities in applications. With a plethora of fuzzers available today, each boasting its unique exploration strategy, how do you determine which one aligns with your application? Especially considering that fuzzing is computationally expensive, making the right choice is crucial.

In our paper presented at Usenix Security 2023 (#usenix2023 #usenix), featured in Thursday's Track 6, we delve into this challenge. We demonstrate how mutation analysis, traditionally regarded as the gold standard for test suite evaluation, can be effectively applied to assess fuzzers. Moreover, we provide insights on mitigating the computational demands of mutation analysis through the smart evaluation of mutants. https://rahul.gopinath.org/publications/2023/04/26/systematic/