Existing coverage-based fuzzers usually use the individual control flow graph (CFG) edge
coverage to guide the fuzzing process, which has shown great potential in finding …

Researchers have argued that for failure to be observed the following three conditions must
be met: CR= the defect was reached; CI= the program has transitioned into an infectious …

Researchers have argued that for failure to be observed the following three conditions must
be met: 1) the defect is executed, 2) the program has transitioned into an infectious state …

Information flow analysis prevents secret or untrusted data from flowing into public or trusted
sinks. Existing mechanisms cover a wide array of options, ranging from lightweight taint …

Packages in the Node. js ecosystem often suffer from serious vulnerabilities such as
arbitrary command injection and code execution. Existing taint analysis tools fall short in …

Failures triggered by hard to debug defects usually involve complex interactions between
many program elements. This paper hypothesizes that information flows present a good …

Failed error propagation (FEP) is known to hamper software testing, yet it remains poorly
understood. We introduce an information theoretic formulation of FEP that is based on …

Coverage-based fault localization techniques typically assign a suspiciousness rank to the
statements in a program following an analysis of the coverage of certain types of program …

Following a program failure, the main concern of the developer is to identify what caused it
in order to repair the code that induced it. The first activity is termed fault localization …

Despite the proven applicability of the spectrum-based fault localization (SBFL) methods,
their effectiveness may be degraded due to the presence of coincidental correctness, which …