research-article

Fuzzing, Symbolic Execution, and Expert Guidance for Better Testing

Authors:

Ismet Burak Kadron,

Corina S. Păsăreanu,

Koushik SenAuthors Info & Claims

IEEE Software, Volume 41, Issue 1

Pages 98 - 104

https://doi.org/10.1109/MS.2023.3237981

Published: 01 January 2024 Publication History

Abstract

Hybrid program analysis approaches that combine static and dynamic analysis have resulted in powerful tools for automated software testing. In this article, we argue for hybrid techniques that allow minimal but critical intervention from experts to better guide software testing.

References

[1]

K. Claessen and J. Hughes, “QuickCheck: A lightweight tool for random testing of Haskell programs,” in Proc. 5th Int. Conf. Functional Program., 2000, pp. 268–279.

[2]

R. Padhye, C. Lemieux, K. Sen, M. Papadakis, and Y. Le Traon, “Semantic fuzzing with zest,” in Proc. 28th Int. Symp. Softw. Testing Anal., New York, NY, USA: ACM, 2019, pp. 329–340.

Digital Library

[3]

R. Padhye, C. Lemieux, and K. Sen, “JQF: Coverage-guided property-based testing in java,” in Proc. 28th Int. Symp. Softw. Testing Anal., 2019, pp. 398–401.

Digital Library

[4]

R. Padhye, C. Lemieux, K. Sen, L. Simon, and H. Vijayakumar, “FuzzFactory: Domain-specific fuzzing with waypoints,” Proc. ACM Program. Lang., vol. 3, no. OOPSLA, pp. 1–29, Oct. 2019.

Digital Library

[5]

“CWE-409: Improper handling of highly compressed data,” MITRE Corporation, McLean, VA, USA, 2022. [Online]. Available: https://cwe.mitre.org/data/definitions/409.html

[6]

S. Wang, X. Jiang, X. Yu, and S. Sun, “KcFuzz: Directed fuzzing based on keypoint coverage,” in Proc. Int. Conf. Artif. Intell. Secur., Springer-Verlag, 2021, pp. 312–325.

Digital Library

[7]

P. Kocher et al., “Spectre attacks: Exploiting speculative execution,” 2018,.

[8]

M. Lipp et al., “Meltdown: Reading kernel memory from user space,” in Proc. 27th USENIX Security Symp., 2018, pp. 973–990.

[9]

I. B. Kadron and T. Bultan, “TSA: A tool to detect and quantify network side-channels,” in Proc. 30th ACM Joint Eur. Softw. Eng. Conf. Symp. Found. Softw. Eng. (ESEC/FSE), ACM, 2022, pp. 1760–1764.

Digital Library

[10]

I˙. B. Kadron, N. Rosner, and T. Bultan, “Feedback-driven side-channel analysis for networked applications,” in Proc. 29th Int. Symp. Softw. Testing Anal., 2020, pp. 260–271.

Digital Library

[11]

Y. Noller, R. Kersten, and C. S. Pa˘sa˘reanu, “Badger: Complexity analysis with fuzzing and symbolic execution,” in Proc. 27th Int. Symp. Softw. Testing Anal., New York, NY, USA: ACM, 2018, pp. 322–332.

Digital Library

[12]

S. Nilizadeh, Y. Noller, and C. S. Păsăreanu, “DifFuzz: Differential fuzzing for side-channel analysis,” in Proc. 41st Int. Conf. Softw. Eng., IEEE Press, 2019, pp. 176–187.

[13]

Y. Noller, C. S. Păsăreanu, M. Böhme, Y. Sun, H. L. Nguyen, and L. Grunske, “HyDiff: Hybrid differential software analysis,” in Proc. 42nd Int. Conf. Softw. Eng. (ICSE’20), New York, NY, USA: ACM, 2020, pp. 1273–1285.

[14]

M. Böhme, C. Geethal, and V. T. Pham, “Human-in-the-loop automatic program repair,” in Proc. 13th Int. Conf. Softw. Testing, Validation Verification (ICST), 2020, pp. 274–285.

[15]

Y. Noller, R. Shariffdeen, X. Gao, and A. Roychoudhury, “Trust enhancement issues in program repair,” in Proc. 44th Int. Conf. Softw. Eng. (ICSE’22), 2022, pp. 2228–2240.

Digital Library

[16]

C. Parnin and A. Orso, “Are automated debugging techniques actually helping programmers?” in Proc. Int. Symp. Softw. Testing Anal., New York, NY, USA: ACM, 2011, pp. 199–209.

Digital Library

[17]

B. Johnson, Y. Song, E. Murphy-Hill, and R. Bowdidge, “Why don’t software developers use static analysis tools to find bugs?” in Proc. 35th Int. Conf. Softw. Eng. (ICSE), 2013, pp. 672–681.

[18]

M. Böhme, C. Cadar, and A. Roychoudhury, “Fuzzing: Challenges and opportunities,” IEEE Softw., vol. 38, no. 3, pp. 79–86, May -Jun 2021.

Cited By

Sihler FFilkov VRay BZhou M(2024)Improving the Comprehension of R Programs by Hybrid Dataflow AnalysisProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695603(2490-2493)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695603
Shafiuzzaman MDesai ASarker LBultan TFilkov VRay BZhou M(2024)STASE: Static Analysis Guided Symbolic Execution for UEFI Vulnerability Signature GenerationProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695543(1783-1794)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695543

Index Terms

Fuzzing, Symbolic Execution, and Expert Guidance for Better Testing
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Formal software verification
      2. Software defect analysis
        Software testing and debugging
  2. Software organization and properties
    1. Software functional properties
      1. Formal methods
        Software verification
2. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning

Index terms have been assigned to the content through auto-classification.

Recommendations

A Survey of Hybrid Fuzzing based on Symbolic Execution
CIAT 2020: Proceedings of the 2020 International Conference on Cyberspace Innovation of Advanced Technologies

Fuzzing has now developed into an efficient method of vulnerability mining. Symbolic execution is also a popular software vulnerability mining technology. Both are research hotspots in the field of network and information security. Hybrid fuzzing is the ...
Test generation via Dynamic Symbolic Execution for mutation testing
ICSM '10: Proceedings of the 2010 IEEE International Conference on Software Maintenance

Mutation testing has been used to assess and improve the quality of test inputs. Generating test inputs to achieve high mutant-killing ratios is important in mutation testing. However, existing test-generation techniques do not provide effective support ...
Fuzzing for CPS Mutation Testing
ASE '23: Proceedings of the 38th IEEE/ACM International Conference on Automated Software Engineering

Mutation testing can help reduce the risks of releasing faulty software. For such reason, it is a desired practice for the development of embedded software running in safety-critical cyber-physical systems (CPS). Unfortunately, state-of-the-art test data ...

Comments

Information & Contributors

Information

Published In

cover image IEEE Software

IEEE Software Volume 41, Issue 1

Jan.-Feb. 2024

141 pages

Issue’s Table of Contents

0740-7459 © 2023 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See https://www.ieee.org/publications/rights/index.html for more information.

Publisher

IEEE Computer Society Press

Washington, DC, United States

Publication History

Published: 01 January 2024

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sihler FFilkov VRay BZhou M(2024)Improving the Comprehension of R Programs by Hybrid Dataflow AnalysisProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695603(2490-2493)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695603
Shafiuzzaman MDesai ASarker LBultan TFilkov VRay BZhou M(2024)STASE: Static Analysis Guided Symbolic Execution for UEFI Vulnerability Signature GenerationProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695543(1783-1794)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695543

View Options

View options

Figures

Tables

Media

View Issue’s Table of Contents