Bgnn4vd: Constructing bidirectional graph neural-network for vulnerability detection
Context: Previous studies have shown that existing deep learning-based approaches can
significantly improve the performance of vulnerability detection. They represent code in …
significantly improve the performance of vulnerability detection. They represent code in …
Savior: Towards bug-driven hybrid testing
Hybrid testing combines fuzz testing and concolic execution. It leverages fuzz testing to test
easy-to-reach code regions and uses concolic execution to explore code blocks guarded by …
easy-to-reach code regions and uses concolic execution to explore code blocks guarded by …
Device-agnostic firmware execution is possible: A concolic execution approach for peripheral emulation
With the rapid proliferation of IoT devices, our cyberspace is nowadays dominated by
billions of low-cost computing nodes, which are very heterogeneous to each other. Dynamic …
billions of low-cost computing nodes, which are very heterogeneous to each other. Dynamic …
Sfuzz: Slice-based fuzzing for real-time operating systems
Real-Time Operating System (RTOS) has become the main category of embedded systems.
It is widely used to support tasks requiring real-time response such as printers and switches …
It is widely used to support tasks requiring real-time response such as printers and switches …
Adversarial symbolic execution for detecting concurrency-related cache timing leaks
The timing characteristics of cache, a high-speed storage between the fast CPU and the
slow memory, may reveal sensitive information of a program, thus allowing an adversary to …
slow memory, may reveal sensitive information of a program, thus allowing an adversary to …
Eunomia: enabling user-specified fine-grained search in symbolically executing WebAssembly binaries
Although existing techniques have proposed automated approaches to alleviate the path
explosion problem of symbolic execution, users still need to optimize symbolic execution by …
explosion problem of symbolic execution, users still need to optimize symbolic execution by …
A systematic review of search strategies in dynamic symbolic execution
A Sabbaghi, MR Keyvanpour - Computer Standards & Interfaces, 2020 - Elsevier
One of the major concerns of dynamic symbolic execution (DSE) based automated test case
generation is its huge search space which restricts its usage for industrial-size program …
generation is its huge search space which restricts its usage for industrial-size program …
[HTML][HTML] Beyond the sandbox: Leveraging symbolic execution for evasive malware classification
Threat actors continuously update their code to incorporate counter-analysis techniques
designed to evade detection and hinder the blocking of their malware. The first line of …
designed to evade detection and hinder the blocking of their malware. The first line of …
{LinKRID}: Vetting Imbalance Reference Counting in Linux kernel with Symbolic Execution
Linux kernel employs reference counters, which record the number of references to a shared
kernel object, to track its lifecycle and prevent memory errors like use-after-free. However …
kernel object, to track its lifecycle and prevent memory errors like use-after-free. However …
Feedback-driven incremental symbolic execution
Incremental symbolic execution addresses the scalability problem of symbolic execution by
concentrating on incremental behaviors that are introduced by the changes during program …
concentrating on incremental behaviors that are introduced by the changes during program …