Satisfiability modulo fuzzing: a synergistic combination of SMT solving and fuzzing
SK Muduli, S Roy - Proceedings of the ACM on Programming …, 2022 - dl.acm.org
Programming languages and software engineering tools routinely encounter components
that are difficult to reason on via formal techniques or whose formal semantics are not even …
that are difficult to reason on via formal techniques or whose formal semantics are not even …
Efficient Interprocedural Data-Flow Analysis Using Treedepth and Treewidth
AK Goharshady, AK Zaher - … on Verification, Model Checking, and Abstract …, 2023 - Springer
We consider interprocedural data-flow analysis as formalized by the standard IFDS
framework, which can express many widely-used static analyses such as reaching …
framework, which can express many widely-used static analyses such as reaching …
Vanguard: Detecting missing checks for prognosing potential vulnerabilities
It is challenging to have a general solution to precisely detect arbitrary vulnerabilities. Thus
security research has focused on detecting specific types of vulnerabilities. Missing checks …
security research has focused on detecting specific types of vulnerabilities. Missing checks …
Interactive Theorem Proving Modulo Fuzzing
SK Muduli, RR Padulkar, S Roy - International Conference on Computer …, 2024 - Springer
Interactive theorem provers (ITPs) exploit the collaboration between humans and computers,
enabling proof of complex theorems. Further, ITPs allow extraction of provably correct …
enabling proof of complex theorems. Further, ITPs allow extraction of provably correct …
Parameterized Algorithms for Scalable Interprocedural Data-flow Analysis
AK Zaher - arXiv preprint arXiv:2309.11298, 2023 - arxiv.org
Data-flow analysis is a general technique used to compute information of interest at different
points of a program and is considered to be a cornerstone of static analysis. In this thesis, we …
points of a program and is considered to be a cornerstone of static analysis. In this thesis, we …
Automatic detection and repair recommendation for missing checks
Missing checks for untrusted inputs used in security-sensitive operations is one of the major
causes of various vulnerabilities. Efficiently detecting and repairing missing checks are …
causes of various vulnerabilities. Efficiently detecting and repairing missing checks are …
[PDF][PDF] Automatically Generating Java Benchmarks with Known Errors
M Hurmuz - 2022 - ethz.ch
With the constant increase in code development, testing has become essential. Because of
the higher cost of dynamic testing, static testing is preferred. One of the existing techniques …
the higher cost of dynamic testing, static testing is preferred. One of the existing techniques …
Scalable and Extensible Static Memory Safety Analysis with Summary over Access Path
Static analysis is an effective way of checking memory safety issues in program. Usually,
multiple analysis algorithms usually run together to achieve a precise analysis result. In this …
multiple analysis algorithms usually run together to achieve a precise analysis result. In this …