Deep learning based vulnerability detection: Are we there yet

S Chakraborty, R Krishna, Y Ding… - IEEE Transactions on …, 2021 - ieeexplore.ieee.org
Automated detection of software vulnerabilities is a fundamental problem in software
security. Existing program analysis techniques either suffer from high false positives or false …

A survey of symbolic execution techniques

R Baldoni, E Coppa, DC D'elia, C Demetrescu… - ACM Computing …, 2018 - dl.acm.org
Many security and software testing applications require checking whether certain properties
of a program hold for any possible usage scenario. For instance, a tool for identifying …

Machine learning testing: Survey, landscapes and horizons

JM Zhang, M Harman, L Ma… - IEEE Transactions on …, 2020 - ieeexplore.ieee.org
This paper provides a comprehensive survey of techniques for testing machine learning
systems; Machine Learning Testing (ML testing) research. It covers 144 papers on testing …

QSYM: A practical concolic execution engine tailored for hybrid fuzzing

I Yun, S Lee, M Xu, Y Jang, T Kim - 27th USENIX Security Symposium …, 2018 - usenix.org
Recently, hybrid fuzzing has been proposed to address the limitations of fuzzing and
concolic execution by combining both approaches. The hybrid approach has shown its …

The art, science, and engineering of fuzzing: A survey

VJM Manès, HS Han, C Han, SK Cha… - IEEE Transactions …, 2019 - ieeexplore.ieee.org
Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

VerX: Safety verification of smart contracts

A Permenev, D Dimitrov, P Tsankov… - … IEEE symposium on …, 2020 - ieeexplore.ieee.org
We present VerX, the first automated verifier able to prove functional properties of Ethereum
smart contracts. VerX addresses an important problem as all real-world contracts must …

TensorFuzz: Debugging neural networks with coverage-guided fuzzing

A Odena, C Olsson, D Andersen… - … on Machine Learning, 2019 - proceedings.mlr.press
Neural networks are difficult to interpret and debug. We introduce testing techniques for
neural networks that can discover errors occurring only for rare inputs. Specifically, we …

FairFuzz: A targeted mutation strategy for increasing greybox fuzz testing coverage

C Lemieux, K Sen - Proceedings of the 33rd ACM/IEEE international …, 2018 - dl.acm.org
In recent years, fuzz testing has proven itself to be one of the most effective techniques for
finding correctness bugs and security vulnerabilities in practice. One particular fuzz testing …

T-Fuzz: fuzzing by program transformation

H Peng, Y Shoshitaishvili… - 2018 IEEE Symposium on …, 2018 - ieeexplore.ieee.org
Fuzzing is a simple yet effective approach to discover software bugs utilizing randomly
generated inputs. However, it is limited by coverage and cannot find bugs hidden in deep …

The oracle problem in software testing: A survey

ET Barr, M Harman, P McMinn… - IEEE transactions on …, 2014 - ieeexplore.ieee.org
Testing involves examining the behaviour of a system in order to discover potential faults.
Given an input for a system, the challenge of distinguishing the corresponding desired …