What problem does this paper attempt to address?

### What problems does this paper attempt to solve? This paper aims to solve the problems of reproducibility and effectiveness in fuzzing evaluation methods. Specifically, the authors systematically analyzed 150 fuzzing papers published in top - level conferences from 2018 to 2023, studied whether these papers followed the existing evaluation guidelines, and identified the deficiencies and potential problems in the actual evaluation process. #### Main problems include: 1. **Reproducibility of evaluation**: - The high randomness of fuzzing makes it difficult to reproduce experimental results. Many papers failed to fully consider this point, causing the reliability and reproducibility of evaluation results to be questioned. - The experimental settings, resource allocation used, and selection of initial seeds in the papers may all affect the reproducibility of experimental results. 2. **Adoption of existing guidelines**: - Although there are already literatures (such as Klees et al.'s paper in 2018) that have proposed detailed evaluation guidelines, these guidelines have not been widely followed in practical applications. For example, statistical testing and the handling of systematic errors are ignored in many papers. - Some papers used inappropriate benchmarks or target programs in the evaluation process, or did not perform a sufficient number of experimental repetitions to eliminate the influence of random factors. 3. **Selection of evaluation indicators**: - Many papers rely on proxy indicators (such as code coverage) while ignoring the core goal of fuzzing - finding vulnerabilities. This practice may lead to misjudgment of the performance of fuzzing tools. - Some papers used data sets with artificially injected vulnerabilities, which are no longer recommended because these vulnerabilities are usually too simple to reflect the complex situations in the real world. 4. **Defects in actual evaluation**: - The authors attempted to reproduce some of the evaluation results of eight fuzzing papers and found multiple problems, such as unreasonable experimental settings, unfair resource allocation, and improper selection of initial seeds. - These problems indicate that there are many challenges in the current fuzzing evaluation methods and need to be improved to ensure the scientific nature and reproducibility of evaluation results. ### Conclusions and Recommendations Based on the above analysis, the authors proposed a series of updated guidelines and best practices, aiming to help future research work evaluate fuzzing methods more scientifically and reliably. These recommendations include but are not limited to: - **Increase the number of experimental repetitions**: In order to reduce the impact of randomness on results, it is recommended to conduct multiple experiments. - **Use statistical methods**: Verify the effectiveness of new methods through appropriate statistical tests (such as Mann - Whitney U - test). - **Select appropriate evaluation indicators**: Give priority to using the ability to find vulnerabilities as the main evaluation criterion, supplemented by secondary indicators such as code coverage. - **Allocate resources fairly**: Ensure that all compared fuzzing tools run under the same resource conditions. - **Transparently disclose experimental details**: Record and publicly disclose experimental settings, initial seeds, resources used, etc. in detail so that other researchers can reproduce the experiments. Through these improvement measures, the authors hope to promote the evaluation methods in the fuzzing field to be more rigorous and scientific, thereby improving the quality and credibility of research results.