Binary code fingerprinting is crucial in many security applications. Examples include
malware detection, software infringement, vulnerability analysis, and digital forensics. It is …

When designing computer monitoring systems, one goal has always been to have a
complete view of the monitored target and at the same time stealthily protect the monitor …

Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

Recently, hybrid fuzzing has been proposed to address the limitations of fuzzing and
concolic execution by combining both approaches. The hybrid approach has shown its …

The prevalence of mobile platforms, the large market share of Android, plus the openness of
the Android Market makes it a hot target for malware attacks. Once a malware sample has …

In this paper we present Mayhem, a new system for automatically finding exploitable bugs in
binary (ie, executable) programs. Every bug reported by Mayhem is accompanied by a …

We present the most complete and thoroughly tested formal semantics of x86-64 to date. Our
semantics faithfully formalizes all the non-deprecated, sequential user-level instructions of …

We present grey-box concolic testing, a novel path-based test case generation method that
combines the best of both white-box and grey-box fuzzing. At a high level, our technique …

During system call execution, it is common for operating system kernels to read userspace
memory multiple times (multi-reads). A critical bug may exist if the fetched userspace …

AC decompiler converts an executable (the output from a C compiler) into source code. The
recovered C source code, once recompiled, will produce an executable with the same …