A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Filters
Enhancing symbolic execution with veritesting
2016
Communications of the ACM
Preserved Fulltext
MergePoint introduces veritesting, a new technique that employs static symbolic execution to amplify the effect of dynamic symbolic execution. ...
Veritesting allows MergePoint to find twice as many bugs, explore orders of magnitude more paths, and achieve higher code coverage than previous dynamic symbolic execution systems. ...
CONCLUSION In this paper we proposed MergePoint and veritesting, a new technique to enhance symbolic execution with verificationbased algorithms. ...
doi:10.1145/2927924
fatcat:uxzvuhiwpnacxmhj2jch5mpf7y
Enhancing symbolic execution with veritesting
2014
Proceedings of the 36th International Conference on Software Engineering - ICSE 2014
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
MergePoint introduces veritesting, a new technique that employs static symbolic execution to amplify the effect of dynamic symbolic execution. ...
Veritesting allows MergePoint to find twice as many bugs, explore orders of magnitude more paths, and achieve higher code coverage than previous dynamic symbolic execution systems. ...
CONCLUSION In this paper we proposed MergePoint and veritesting, a new technique to enhance symbolic execution with verificationbased algorithms. ...
doi:10.1145/2568225.2568293
dblp:conf/icse/AvgerinosRCB14
fatcat:lju5ctb2dbfpnp6cbdyvpox4ka
A Survey of Search Strategies in the Dynamic Symbolic Execution
2017
ITM Web of Conferences
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Dynamic symbolic execution (DSE) is an important way to discover software vulnerabilities. ...
One key challenge in DSE is to find proper paths in the huge program execution space to generate effective inputs. ...
RWset truncates a path as soon as possibl e, thereby enhancing the efficiency of the dynamic symbolic execution, and reducing the path explosion. Veritesting. ...
doi:10.1051/itmconf/20171203025
fatcat:oererg6dwbgvbfnn3vwgufsywe
A hybrid symbolic execution assisted fuzzing method
2017
TENCON 2017 - 2017 IEEE Region 10 Conference
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
This method starts with a bounded symbolic execution of the target program so as to explore as many paths as possible. Constraints of the explored paths are collected and solved for inputs. ...
and effectiveness of the overall exploration can be greatly enhanced. ...
However, techniques such as veritesting [18] which performs smart path merging has facilitated symbolic execution to work efficiently with such complex code constructs. ...
doi:10.1109/tencon.2017.8227972
fatcat:ph3qhljpwrca5cgdm6ohbafwnm
SOK: (State of) The Art of War: Offensive Techniques in Binary Analysis
2016
2016 IEEE Symposium on Security and Privacy (SP)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
In many situations binary analysis is the only possible way to prove (or disprove) properties about the code that is actually executed. ...
We found that symbolic execution (including Veritesting) covered an average of 330 blocks per binary (with a median of 260), while fuzzing covered 689 (with a median of 402) and symbolic-assisted fuzzing ...
Dynamic symbolic execution. We chose to evaluate dynamic symbolic execution both alone and in the presence of the Veritesting path explosion mitigation technique. ...
doi:10.1109/sp.2016.17
dblp:conf/sp/Shoshitaishvili16
fatcat:dw3axxn4mbczjmhpwhwd5jnfe4
DASE: Document-Assisted Symbolic Execution for Improving Automated Software Testing
2015
2015 IEEE/ACM 37th IEEE International Conference on Software Engineering
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
DASE then uses the input constraints to guide symbolic execution to focus on inputs that are semantically more important. ...
We propose and implement a new approach, Document-Assisted Symbolic Execution (DASE), to improve automated test generation and bug detection. ...
ACKNOWLEDGMENT The authors thank the statistical counseling service provided by the University of Waterloo and William Marshall for help with the statistical analysis of the results. ...
doi:10.1109/icse.2015.78
dblp:conf/icse/WongZWLT15
fatcat:pcfxcedk6ne4rnzk6hmmgb2bwy
Hercules: Reproducing Crashes in Real-World Application Binaries
2015
2015 IEEE/ACM 37th IEEE International Conference on Software Engineering
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
Experiments on real-life applications such as the Adobe Reader and the Windows Media Player demonstrate that our Hercules tool built on selective symbolic execution engine S2E can generate crashing inputs ...
within few hours, where symbolic approaches (as embodied by S2E) or blackbox fuzzing approaches (as embodied by the commercial tool PeachFuzzer) failed. ...
Built on Mayhem, Veritesting enhances dynamic symbolic execution with static symbolic execution [26] . These approaches are orthogonal to our work and can be integrated to enhance its scalability. ...
doi:10.1109/icse.2015.99
dblp:conf/icse/PhamNRR15
fatcat:tz7epnwtmrcejmipw4zb2vsovm
A Survey of Symbolic Execution Techniques
[article]
2018
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Symbolic execution provides an elegant solution to the problem, by systematically exploring many possible execution paths at the same time without necessarily requiring concrete inputs. ...
Symbolic execution has been incubated in dozens of tools developed over the last four decades, leading to major practical breakthroughs in a number of prominent software reliability applications. ...
Section 3 through Section 6 address the key challenges that we listed in Section 1.2, while Section 7 discusses how recent advances in other areas could be applied to enhance symbolic execution techniques ...
arXiv:1610.00502v3
fatcat:zez6xtyiuna6rgv7ola3nzxmty
A Survey of Symbolic Execution Techniques
2018
ACM Computing Surveys
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Symbolic execution provides an elegant solution to the problem, by systematically exploring many possible execution paths at the same time without necessarily requiring concrete inputs. ...
Symbolic execution has been incubated in dozens of tools developed over the last four decades, leading to major practical breakthroughs in a number of prominent software reliability applications. ...
Section 3 through Section 6 address the key challenges that we listed in Section 1.2, while Section 7 discusses how recent advances in other areas could be applied to enhance symbolic execution techniques ...
doi:10.1145/3182657
fatcat:h6kadibzkvevxa3lgzdtdokq74
Exploiting Trade-offs in Symbolic Execution for Identifying Security Bugs
2018
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In the second part of the dissertation, we investigate veritesting, a symbolic execution technique for exploiting the trade-o between formula expressivity and number of program states. ...
By exploiting specific trade-o s in symbolic execution, such as state pruning and careful state modeling, we show how to increase the efficacy of vanilla symbolic execution in identifying exploitable bugs ...
Conclusion In this chapter we proposed MergePoint and veritesting, a new technique to enhance symbolic execution with verification-based algorithms. ...
doi:10.1184/r1/6716573
fatcat:p3iys4iozvgmlamdkwclfsf2ra
Combining Black-Box and White-Box Techniques for Learning Register Automata
[chapter]
2019
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In this paper, we explore some directions for future research on how black-box model learning can be enhanced using white-box information extraction methods, with the aim to maintain the benefits of dynamic ...
Recently, various techniques have been employed to extend automata learning to extended automata models, which combine control flow with guards and assignments to data variables. ...
There is a range of white-box symbolic execution techniques, such as veritesting [7] , concolic testing [35] , and white-box fuzz testing [34] that can be adapted to find counterexamples for hypothesis ...
doi:10.1007/978-3-319-91908-9_26
fatcat:jqjz3fm5ivbdni62vt2mukjmle
Fatal injection: a survey of modern code injection attack countermeasures
2017
PeerJ Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. ...
With a code injection attack (CIA) an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. ...
ACKNOWLEDGEMENTS We want to thank the reviewers for providing us with valuable suggestions and insightful comments. ...
doi:10.7717/peerj-cs.136
fatcat:erqwjwx3pndy5gkywrt4dwhpf4
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
2016
Proceedings 2016 Network and Distributed System Security Symposium
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
As products with access to sensitive data are becoming more prevalent, the number of potentially exploitable systems is also increasing, resulting in a greater need for automated software vetting tools ...
DARPA recently funded a competition, with millions of dollars in prize money, to further research focusing on automated vulnerability finding and patching, showing the importance of research in this area ...
These results demonstrate that enhancing a fuzzer with selective concolic execution improves its performance in finding crashes. ...
doi:10.14722/ndss.2016.23368
fatcat:xbuhao7zu5apzmmdr7k23gyuiq
FUZZBOMB: Autonomous Cyber Vulnerability Detection and Repair
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Starting from our prior work on autonomous cyber defense and symbolic analysis of binary programs, we developed numerous new components to create FUZZBOMB. ...
The basic principle of symbolic execution is to replace certain concrete values in a program's state with symbolic variables. ...
We enhanced our existing fault detection and leader election protocol methods to ensure that an OP is active in the cluster with very high reliability. ...
fatcat:uyyzt75xmzbzlplotdvpwis2eq
FUZZBOMB : Fully-Autonomous Detection and Repair of Cyber Vulnerabilities
2016
International Journal on Advances in Security
unpublished
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
Starting from our prior work on autonomous cyber defense and symbolic analysis of binary programs, we developed numerous new components to create FUZZBOMB. ...
The basic principle of symbolic execution is to replace certain concrete values in a program's state with symbolic variables. ...
We enhanced our existing fault detection and leader election protocol methods to ensure that an OP is active in the cluster with very high reliability. ...
fatcat:7e333y557zaevpcvxhtg7argoq
« Previous
Showing results 1 — 15 out of 19 results