Results 21 to 30 of about 337 (131)
Malware recognition approach based on self‐similarity and an improved clustering algorithm
Abstract The recognition of malware in network traffic is an important research problem. However, existing solutions addressing this problem rely heavily on the source code and misrecognise vulnerabilities (i.e. incur a high false positive rate (FPR)) in some cases.
Jinfu Chen +5 more
wiley +1 more source
Fostering the diversity of exploratory testing in web applications
Exploratory testing (ET) is an approach to software testing that relies on the expertise of testers. However, testers performing exploratory testing may miss anomalies or unusual interactions proposed by the system. Our approach monitors testers' interactions to suggest, in real time, interactions that increase the diversity of their explorations ...
Julien Leveau +4 more
wiley +1 more source
SHFuzz: Selective Hybrid Fuzzing with Branch Scheduling Based on Binary Instrumentation
Hybrid fuzzing is a popular software testing technique that combines random fuzzing with concolic execution. It is widely used in the security domain known for its ability to find deeply hidden vulnerabilities and reach high code coverage. Hybrid fuzzing
Xianya Mi +4 more
doaj +1 more source
BUGSJS: a benchmark and taxonomy of JavaScript bugs
In this study, we propose BugsJS, a benchmark of 453 real JavaScript bugs from 10 server‐side programs. We extended BugsJS with a rich web interface for visualizing and dissecting the bugs' information, as well as a programmable API to access the faulty source code and to execute the corresponding test cases, which facilitates conducting highly ...
Péter Gyimesi +6 more
wiley +1 more source
StFuzzer: Contribution‐Aware Coverage‐Guided Fuzzing for Smart Devices
The root cause of the insecurity for smart devices is the potential vulnerabilities in smart devices. There are many approaches to find the potential bugs in smart devices. Fuzzing is the most effective vulnerability finding technique, especially the coverage‐guided fuzzing. The coverage‐guided fuzzing identifies the high‐quality seeds according to the
Jiageng Yang +5 more
wiley +1 more source
Fuzz testing is a simple automated software testing approach that discovers software vulnerabilities at a high level of performance by using randomly generated seeds.
Fayozbek Rustamov +2 more
doaj +1 more source
COASTAL: Combining Concolic and Fuzzing for Java (Competition Contribution) [PDF]
COASTAL is a program analysis tool for Java programs. It combines concolic execution and fuzz testing in a framework with built-in concurrency, allowing the two approaches to cooperate ...
Visser W, Geldenhuys J.
europepmc +2 more sources
Incremental Formula-Based Fix Localization
Automatically fixing bugs in software programs can significantly reduce the cost and improve the productivity of the software. Toward this goal, a critical and challenging problem is automatic fix localization, which identifies program locations where a ...
Quang-Ngoc Phung, Eunseok Lee
doaj +1 more source
Concolic Execution for WebAssembly.
WebAssembly (Wasm) is a new binary instruction format that allows targeted compiled code written in high-level languages to be executed by the browser’s JavaScript engine with near-native speed. Despite its clear performance advantages, Wasm opens up the opportunity for bugs or security vulnerabilities to be introduced into Web programs, as pre ...
Filipe Marques +3 more
openaire +3 more sources
Historically program analysis methods are divided into two groups - static program analysis methods and dynamic program analysis methods. In this paper, we present a combined approach which allows to determine reachability for defects found by static ...
A. Y. Gerasimov +3 more
doaj +1 more source

