Results 1 to 10 of about 337 (131)

Improving Symbolic Automata Learning with Concolic Execution [PDF]

open access: yesFundamental Approaches to Software Engineering23rd International Conference, 2020
Inferring the input grammar accepted by a program is central for a variety of software engineering problems, including parsers verification, grammar-based fuzzing, communication protocol inference, and documentation. Sound and complete active learning techniques have been developed for several classes of languages and the corresponding automaton ...
Clun D   +3 more
europepmc   +5 more sources

Enhancing Security of Web-Based IoT Services via XSS Vulnerability Detection [PDF]

open access: yesSensors, 2023
The Internet of Things (IoT) technology is experiencing significant growth and integration into various aspects of daily life. With the rising number of connected devices, diverse security challenges are emerging as substantial threats to IoT. Cross-Site
Jemin Kim, Joonseok Park
doaj   +2 more sources

Annotary: A Concolic Execution System for Developing Secure Smart Contracts [PDF]

open access: yesLecture Notes in Computer Science, 2019
Ethereum smart contracts are executable programs, deployed on a peer-to-peer network and executed in a consensus-based fashion. Their bytecode is public, immutable and once deployed to the blockchain, cannot be patched anymore. As smart contracts may hold Ether worth of several million dollars, they are attractive targets for attackers and indeed some ...
Konrad Weiss, Julian Schutte
exaly   +4 more sources

SymFusion: Hybrid Instrumentation for Concolic Execution [PDF]

open access: yesProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering, 2022
Concolic execution is a dynamic twist of symbolic execution de- signed with scalability in mind. Recent concolic executors heavily rely on program instrumentation to achieve such scalability. The instrumentation code can be added at compilation time (e.g., using an LLVM pass), or directly at execution time with the help of a dynamic binary translator ...
Emilio Coppa   +2 more
openaire   +4 more sources

Testing concolic execution through consistency checks [PDF]

open access: yesJournal of Systems and Software, 2023
Symbolic execution is a well-known software testing technique that evaluates how a program runs when considering a symbolic input, i.e., an input that can initially assume any concrete value admissible for its data type. The dynamic twist of this technique is dubbed concolic execution and has been demonstrated to be a practical technique for testing ...
Emilio Coppa, Alessio Izzillo
openaire   +2 more sources

Concolic Execution of NMap Scripts for Honeyfarm Generation [PDF]

open access: yesProceedings of the 8th ACM Workshop on Moving Target Defense, 2021
Attackers rely upon a vast array of tools for automating attacksagainst vulnerable servers and services. It is often the case thatwhen vulnerabilities are disclosed, scripts for detecting and exploit-ing them in tools such asNmapandMetasploitare released soonafter, leading to the immediate identification and compromise ofvulnerable systems.
Zhe Li 0014   +3 more
openaire   +3 more sources

LLM-Based Unknown Function Automated Modeling in Sensor-Driven Systems for Multi-Language Software Security Verification [PDF]

open access: yesSensors
The rapid expansion of the Internet of Things (IoT) has made software security and reliability a critical concern. With multi-language programs running on edge computing, embedded systems, and sensors, each connected device represents a potential attack ...
Liangjun Deng   +4 more
doaj   +2 more sources

Concolic Execution for WebAssembly (Artifact). [PDF]

open access: yesDagstuhl Artifacts Ser., 2022
This artifact contains the implementation of WASP, a symbolic execution engine for Wasm, and WASP-C, a symbolic execution framework for testing C programs built using WASP . WASP works directly on Wasm code and was built on top of a standard-compliant Wasm reference implementation [Andreas Haas et al., 2017].
Filipe Marques   +3 more
openaire   +4 more sources

Vulnerability Repair via Concolic Execution and Code Mutations

open access: yesACM Transactions on Software Engineering and Methodology
Security vulnerabilities detected via techniques like greybox fuzzing are often fixed with a significant time lag. This increases the exposure of the software to vulnerabilities. Automated fixing of vulnerabilities where a tool can generate fix suggestions is thus of value.
Ridwan Shariffdeen   +2 more
exaly   +2 more sources

Exploratory Review of Hybrid Fuzzing for Automated Vulnerability Detection

open access: yesIEEE Access, 2021
Recently, software testing has become a significant component of information security. The most reliable technique for automated software testing is a fuzzing tool that feeds programs with random test-input and detects software vulnerabilities that are ...
Fayozbek Rustamov   +3 more
doaj   +1 more source

Home - About - Disclaimer - Privacy