Results 1 to 10 of about 211,276 (289)
Ffuzz: Towards full system high coverage fuzz testing on binary executables. [PDF]
PLoS ONE, 2018 Bugs and vulnerabilities in binary executables threaten cyber security. Current discovery methods, like fuzz testing, symbolic execution and manual analysis, both have advantages and disadvantages when exercising the deeper code area in binary ...
Bin Zhang +4 more
doaj +1 more source
A Survey of Symbolic Execution Techniques [PDF]
, 2018 Many security and software testing applications require checking whether certain properties of a program hold for any possible usage scenario. For instance, a tool for identifying software vulnerabilities may need to rule out the existence of any ...
Baldoni, Roberto +4 more
core +2 more sources
Test Readability Optimization in Context of Symbolic Execution
Труды Института системного программирования РАН, 2018 Software testing is a time consuming process. In general, software companies spend about 50% of development time on testing. On the other hand, lack of testing implies financial and other risks.
I. A. Yakimov, A. S. Kuznetsov
doaj +1 more source
Generation of the weakest preconditions of programs with dynamic memory in symbolic execution
Научно-технический вестник информационных технологий, механики и оптикиSymbolic execution is a widely used method for the systematic study of program execution paths; it allows solving a number of important problems related to verification of correctness: searching for errors and vulnerabilities, automatic test generation ...
A. V. Misonizhnik +4 more
doaj +1 more source
Directed Symbolic Execution [PDF]
, 2011 In this paper, we study the problem of automatically finding program executions that reach a particular target line. This problem arises in many debugging scenarios; for example, a developer may want to confirm that a bug reported by a static analysis tool on a particular line is a true positive.
Kin-Keung Ma +3 more
openaire +1 more source
Checking Interaction-Based Declassification Policies for Android Using Symbolic Execution [PDF]
, 2015 Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data.
A Sabelfeld +10 more
core +2 more sources
Symbolic types for lenient symbolic execution [PDF]
Proceedings of the ACM on Programming Languages, 2017 We present lambda_sym, a typed λ-calculus for lenient symbolic execution , where some language constructs do not recognize symbolic values. Its type system, however, ensures safe behavior of all symbolic values in a program.
Stephen Chang, Alex Knauth, Emina Torlak
openaire +1 more source
Building security predicates for some types of vulnerabilities
Труды Института системного программирования РАН, 2018 Approaches for code execution using program vulnerabilities are considered in this paper. Particularly, ways of code execution using buffer overflow on stack and on heap, using use-after-free vulnerabilities and format string vulnerabilities are examined
A. N. Fedotov +3 more
doaj +1 more source
On the Automatic Analysis of the Practical Resistance of Obfusting Transformations
Моделирование и анализ информационных систем, 2019 A method is developed for assessing the practical persistence of obfuscating transformations of programs based on the calculation of the similarity index for the original, obfuscated and deobfuscated programs.
Petr D. Borisov, Yu. V. Kosolapov
doaj +1 more source
Badger: Complexity Analysis with Fuzzing and Symbolic Execution
, 2018 Hybrid testing approaches that involve fuzz testing and symbolic execution have shown promising results in achieving high code coverage, uncovering subtle errors and vulnerabilities in a variety of software applications. In this paper we describe Badger -
Ammons Glenn +6 more
core +1 more source