The art, science, and engineering of fuzzing: A survey

VJM Manès, HS Han, C Han, SK Cha… - IEEE Transactions …, 2019 - ieeexplore.ieee.org
Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

VerX: Safety verification of smart contracts

A Permenev, D Dimitrov, P Tsankov… - … IEEE symposium on …, 2020 - ieeexplore.ieee.org
We present VerX, the first automated verifier able to prove functional properties of Ethereum
smart contracts. VerX addresses an important problem as all real-world contracts must …

Sereum: Protecting existing smart contracts against re-entrancy attacks

M Rodler, W Li, GO Karame, L Davi - arXiv preprint arXiv:1812.05934, 2018 - arxiv.org
Recently, a number of existing blockchain systems have witnessed major bugs and
vulnerabilities within smart contracts. Although the literature features a number of proposals …

Beacon: Directed grey-box fuzzing with provable path pruning

H Huang, Y Guo, Q Shi, P Yao, R Wu… - 2022 IEEE Symposium …, 2022 - ieeexplore.ieee.org
Unlike coverage-based fuzzing that gives equal attention to every part of a code, directed
fuzzing aims to direct a fuzzer to a specific target in the code, e.g., the code with potential …

EOSAFE: Security analysis of EOSIO smart contracts

N He, R Zhang, H Wang, L Wu, X Luo, Y Guo… - 30th USENIX security …, 2021 - usenix.org
The EOSIO blockchain, one of the representative Delegated Proof-of-Stake (DPoS)
blockchain platforms, has grown rapidly recently. Meanwhile, a number of vulnerabilities …

Where does it go? Refining indirect-call targets with multi-layer type analysis

K Lu, H Hu - Proceedings of the 2019 ACM SIGSAC Conference on …, 2019 - dl.acm.org
System software commonly uses indirect calls to realize dynamic program behaviors.
However, indirect-calls also bring challenges to constructing a precise control-flow graph …

Unleashing the power of compiler intermediate representation to enhance neural program embeddings

Z Li, P Ma, H Wang, S Wang, Q Tang, S Nie… - Proceedings of the 44th …, 2022 - dl.acm.org
Neural program embeddings have demonstrated considerable promise in a range of
program analysis tasks, including clone identification, program repair, code completion, and …

Learning to explore paths for symbolic execution

J He, G Sivanrupan, P Tsankov, M Vechev - Proceedings of the 2021 …, 2021 - dl.acm.org
Symbolic execution is a powerful technique that can generate tests steering program
execution into desired paths. However, the scalability of symbolic execution is often limited …

Evaluating and improving hybrid fuzzing

L Jiang, H Yuan, M Wu, L Zhang… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
To date, various hybrid fuzzers have been proposed for maximal program vulnerability
exposure by integrating the power of fuzzing strategies and concolic executors. While the …

Qilin: A new framework for supporting fine-grained context-sensitivity in Java pointer analysis

D He, J Lu, J Xue - 36th European Conference on Object …, 2022 - drops.dagstuhl.de
Existing whole-program context-sensitive pointer analysis frameworks for Java, which were
open-sourced over one decade ago, were designed and implemented to support only …