Building an open-source system test generation tool: lessons learned and empirical analyses with EvoMaster
Research in software testing often involves the development of software prototypes. Like any
piece of software, there are challenges in the development, use and verification of such …
piece of software, there are challenges in the development, use and verification of such …
Towards security defect prediction with AI
CD Sestili, WS Snavely, NM VanHoudnos - arXiv preprint arXiv …, 2018 - arxiv.org
In this study, we investigate the limits of the current state of the art AI system for detecting
buffer overflows and compare it with current static analysis tools. To do so, we developed a …
buffer overflows and compare it with current static analysis tools. To do so, we developed a …
Igor: Crash deduplication through root-cause clustering
Z Jiang, X Jiang, A Hazimeh, C Tang, C Zhang… - Proceedings of the …, 2021 - dl.acm.org
Fuzzing has emerged as the most effective bug-finding technique. The output of a fuzzer is a
set of proof-of-concept (PoC) test cases for all observed" unique''crashes. It costs developers …
set of proof-of-concept (PoC) test cases for all observed" unique''crashes. It costs developers …
Evocatio: Conjuring bug capabilities from a single poc
Z Jiang, S Gan, A Herrera, F Toffalini… - Proceedings of the …, 2022 - dl.acm.org
The popularity of coverage-guided greybox fuzzers has led to a tsunami of security-critical
bugs that developers must prioritize and fix. Knowing the capabilities a bug exposes (eg …
bugs that developers must prioritize and fix. Knowing the capabilities a bug exposes (eg …
FuSeBMC: An Energy-Efficient Test Generator for Finding Security Vulnerabilities in C Programs
KM Alshmrany, M Aldughaim, A Bhayat… - … Conference On Tests …, 2021 - Springer
We describe and evaluate a novel approach to automated test generation that exploits
fuzzing and Bounded Model Checking (BMC) engines to detect security vulnerabilities in C …
fuzzing and Bounded Model Checking (BMC) engines to detect security vulnerabilities in C …
Execution reconstruction: Harnessing failure reoccurrences for failure reproduction
Reproducing production failures is crucial for software reliability. Alas, existing bug
reproduction approaches are not suitable for production systems because they are not …
reproduction approaches are not suitable for production systems because they are not …
Smart contract vulnerability detection based on deep learning and multimodal decision fusion
W Deng, H Wei, T Huang, C Cao, Y Peng, X Hu - Sensors, 2023 - mdpi.com
With the rapid development and widespread application of blockchain technology in recent
years, smart contracts running on blockchains often face security vulnerability problems …
years, smart contracts running on blockchains often face security vulnerability problems …
A smart contract vulnerability detection mechanism based on deep learning and expert rules
Z Liu, M Jiang, S Zhang, J Zhang, Y Liu - IEEE Access, 2023 - ieeexplore.ieee.org
Traditional techniques for smart contract vulnerability detection rely on fixed expert criteria to
discover vulnerabilities, which are less generalizable, scalable, and accurate. Deep learning …
discover vulnerabilities, which are less generalizable, scalable, and accurate. Deep learning …
Symfusion: hybrid instrumentation for concolic execution
Concolic execution is a dynamic twist of symbolic execution designed with scalability in
mind. Recent concolic executors heavily rely on program instrumentation to achieve such …
mind. Recent concolic executors heavily rely on program instrumentation to achieve such …
Smart grid: Cyber attacks, critical defense approaches, and digital twin
As a national critical infrastructure, the smart grid has attracted widespread attention for its
cybersecurity issues. The development towards an intelligent, digital, and Internetconnected …
cybersecurity issues. The development towards an intelligent, digital, and Internetconnected …