Results 1 to 10 of about 337 (131)
Improving Symbolic Automata Learning with Concolic Execution [PDF]
Inferring the input grammar accepted by a program is central for a variety of software engineering problems, including parsers verification, grammar-based fuzzing, communication protocol inference, and documentation. Sound and complete active learning techniques have been developed for several classes of languages and the corresponding automaton ...
Clun D +3 more
europepmc +5 more sources
Enhancing Security of Web-Based IoT Services via XSS Vulnerability Detection [PDF]
The Internet of Things (IoT) technology is experiencing significant growth and integration into various aspects of daily life. With the rising number of connected devices, diverse security challenges are emerging as substantial threats to IoT. Cross-Site
Jemin Kim, Joonseok Park
doaj +2 more sources
Annotary: A Concolic Execution System for Developing Secure Smart Contracts [PDF]
Ethereum smart contracts are executable programs, deployed on a peer-to-peer network and executed in a consensus-based fashion. Their bytecode is public, immutable and once deployed to the blockchain, cannot be patched anymore. As smart contracts may hold Ether worth of several million dollars, they are attractive targets for attackers and indeed some ...
Konrad Weiss, Julian Schutte
exaly +4 more sources
SymFusion: Hybrid Instrumentation for Concolic Execution [PDF]
Concolic execution is a dynamic twist of symbolic execution de- signed with scalability in mind. Recent concolic executors heavily rely on program instrumentation to achieve such scalability. The instrumentation code can be added at compilation time (e.g., using an LLVM pass), or directly at execution time with the help of a dynamic binary translator ...
Emilio Coppa +2 more
openaire +4 more sources
Testing concolic execution through consistency checks [PDF]
Symbolic execution is a well-known software testing technique that evaluates how a program runs when considering a symbolic input, i.e., an input that can initially assume any concrete value admissible for its data type. The dynamic twist of this technique is dubbed concolic execution and has been demonstrated to be a practical technique for testing ...
Emilio Coppa, Alessio Izzillo
openaire +2 more sources
Concolic Execution of NMap Scripts for Honeyfarm Generation [PDF]
Attackers rely upon a vast array of tools for automating attacksagainst vulnerable servers and services. It is often the case thatwhen vulnerabilities are disclosed, scripts for detecting and exploit-ing them in tools such asNmapandMetasploitare released soonafter, leading to the immediate identification and compromise ofvulnerable systems.
Zhe Li 0014 +3 more
openaire +3 more sources
LLM-Based Unknown Function Automated Modeling in Sensor-Driven Systems for Multi-Language Software Security Verification [PDF]
The rapid expansion of the Internet of Things (IoT) has made software security and reliability a critical concern. With multi-language programs running on edge computing, embedded systems, and sensors, each connected device represents a potential attack ...
Liangjun Deng +4 more
doaj +2 more sources
Concolic Execution for WebAssembly (Artifact). [PDF]
This artifact contains the implementation of WASP, a symbolic execution engine for Wasm, and WASP-C, a symbolic execution framework for testing C programs built using WASP . WASP works directly on Wasm code and was built on top of a standard-compliant Wasm reference implementation [Andreas Haas et al., 2017].
Filipe Marques +3 more
openaire +4 more sources
Vulnerability Repair via Concolic Execution and Code Mutations
Security vulnerabilities detected via techniques like greybox fuzzing are often fixed with a significant time lag. This increases the exposure of the software to vulnerabilities. Automated fixing of vulnerabilities where a tool can generate fix suggestions is thus of value.
Ridwan Shariffdeen +2 more
exaly +2 more sources
Exploratory Review of Hybrid Fuzzing for Automated Vulnerability Detection
Recently, software testing has become a significant component of information security. The most reliable technique for automated software testing is a fuzzing tool that feeds programs with random test-input and detects software vulnerabilities that are ...
Fayozbek Rustamov +3 more
doaj +1 more source

