Automatic vulnerability detection in embedded devices and firmware: Survey and layered taxonomies

A Qasem, P Shirani, M Debbabi, L Wang… - ACM Computing …, 2021 - dl.acm.org
In the era of the internet of things (IoT), software-enabled inter-connected devices are of
paramount importance. The embedded systems are very frequently used in both security …

Fuzzing: State of the art

H Liang, X Pei, X Jia, W Shen… - IEEE Transactions on …, 2018 - ieeexplore.ieee.org
As one of the most popular software testing techniques, fuzzing can find a variety of
weaknesses in a program, such as software bugs and vulnerabilities, by generating …

Semantic fuzzing with Zest

R Padhye, C Lemieux, K Sen, M Papadakis… - Proceedings of the 28th …, 2019 - dl.acm.org
Programs expecting structured inputs often consist of both a syntactic analysis stage, which
parses raw input, and a semantic analysis stage, which conducts checks on the parsed input …

Send hardest problems my way: Probabilistic path prioritization for hybrid fuzzing

L Zhao, Y Duan, J Xuan - 2019 - ink.library.smu.edu.sg
Hybrid fuzzing which combines fuzzing and concolic execution has become an advanced
technique for software vulnerability detection. Based on the observation that fuzzing and …

Improving machine translation systems via isotopic replacement

Z Sun, JM Zhang, Y Xiong, M Harman… - Proceedings of the 44th …, 2022 - dl.acm.org
Machine translation plays an essential role in people's daily international communication.
However, machine translation systems are far from perfect. To tackle this problem …

Improving function coverage with Munch: a hybrid fuzzing and directed symbolic execution approach

S Ognawala, T Hutzelmann, E Psallida… - Proceedings of the 33rd …, 2018 - dl.acm.org
Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and
generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input …

Automated bug hunting with data-driven symbolic root cause analysis

C Yagemann, SP Chung, B Saltaformaggio… - Proceedings of the 2021 …, 2021 - dl.acm.org
The increasing cost of successful cyberattacks has caused a mindset shift, whereby
defenders now employ proactive defenses, namely software bug hunting, alongside existing …

Westworld: Fuzzing-assisted remote dynamic symbolic execution of smart apps on IoT cloud platforms

L Luo, Q Zeng, B Yang, F Zuo, J Wang - Proceedings of the 37th Annual …, 2021 - dl.acm.org
Existing symbolic execution typically assumes the analyzer can control the I/O environment
and/or access the library code, which, however, is not the case when programs run on a …

A systematic review of search strategies in dynamic symbolic execution

A Sabbaghi, MR Keyvanpour - Computer Standards & Interfaces, 2020 - Elsevier
One of the major concerns of dynamic symbolic execution (DSE) based automated test case
generation is its huge search space which restricts its usage for industrial-size program …

VDF: Targeted evolutionary fuzz testing of virtual devices

A Henderson, H Yin, G Jin, H Han, H Deng - Research in Attacks …, 2017 - Springer
As cloud computing becomes more and more prevalent, there is increased interest in
mitigating attacks that target hypervisors from within the virtualized guest environments that …