Loop-extended symbolic execution on binary programs
Mixed concrete and symbolic execution is an important technique for finding and
understanding software bugs, including security-relevant ones. However, existing symbolic …
understanding software bugs, including security-relevant ones. However, existing symbolic …
Chopped symbolic execution
Symbolic execution is a powerful program analysis technique that systematically explores
multiple program paths. However, despite important technical advances, symbolic execution …
multiple program paths. However, despite important technical advances, symbolic execution …
A survey of symbolic execution techniques
Many security and software testing applications require checking whether certain properties
of a program hold for any possible usage scenario. For instance, a tool for identifying …
of a program hold for any possible usage scenario. For instance, a tool for identifying …
Redundant state detection for dynamic symbolic execution
S Bugrara, D Engler - … Annual Technical Conference (USENIX ATC 13), 2013 - usenix.org
Many recent tools use dynamic symbolic execution to perform tasks ranging from automatic
test generation, finding security flaws, equivalence verification, and exploit generation …
test generation, finding security flaws, equivalence verification, and exploit generation …
Memoized symbolic execution
This paper introduces memoized symbolic execution (Memoise), a new approach for more
efficient application of forward symbolic execution, which is a well-studied technique for …
efficient application of forward symbolic execution, which is a well-studied technique for …
MACKE: Compositional analysis of low-level vulnerabilities with symbolic execution
Concolic (concrete+ symbolic) execution has recently gained popularity as an effective
means to uncover non-trivial vulnerabilities in software, such as subtle buffer overflows …
means to uncover non-trivial vulnerabilities in software, such as subtle buffer overflows …
SymQEMU: Compilation-based symbolic execution for binaries
S Poeplau, A Francillon - NDSS 2021, Network and Distributed System …, 2021 - hal.science
Symbolic execution is a powerful technique for software analysis and bug detection.
Compilation-based symbolic execution is a recently proposed flavor that has been shown to …
Compilation-based symbolic execution is a recently proposed flavor that has been shown to …
Guiding dynamic symbolic execution toward unverified program executions
Most techniques to detect program errors, such as testing, code reviews, and static program
analysis, do not fully verify all possible executions of a program. They leave executions …
analysis, do not fully verify all possible executions of a program. They leave executions …
Symbolic execution with existential second-order constraints
Symbolic execution systematically explores program paths by solving path conditions---
formulas over symbolic variables. Typically, the symbolic variables range over numbers …
formulas over symbolic variables. Typically, the symbolic variables range over numbers …
Arbiter: Bridging the static and dynamic divide in vulnerability discovery on binary programs
In spite of their effectiveness in the context of vulnerability discovery, current state-of-the-art
binary program analysis approaches are limited by inherent trade-offs between accuracy …
binary program analysis approaches are limited by inherent trade-offs between accuracy …