Research on Fuzzing Technology for JavaScript Engines

Abstract

JavaScript engine is the core component of web browsers, whose security issues are one of the critical aspects of the overall Web Eco-Security. Fuzzing technology, as an efficient software testing approach, has been widely applied to detecting vulnerabilities in different JavaScript engines, which is a security research hotspot at present. Based on systematical dissection of existing fuzzing methods, this paper reviews the development and technical ideas of JavaScript Engine Fuzzing combined with taxonomy, proposes a general framework of JavaScript Engine Fuzzing and analyzes the key techniques involved. Finally, we discuss the core issues that restrict efficiency in current research and present an outlook on the future trends of JavaScript Engine Fuzzing.