- research-article, August 2024
Towards Functional Verification of eBPF Programs
eBPF '24: Proceedings of the ACM SIGCOMM 2024 Workshop on eBPF and Kernel Extensions, Pages 37–43, https://doi.org/10.1145/3672197.3673435
eBPF is being used to implement increasingly critical pieces of system logic. eBPF's verifier raises the cost of adoption of the technology, as making programs pass the verifier can be very effortful. We observe that the guarantees provided by the ...
- Article, July 2024
Verification Algorithms for Automated Separation Logic Verifiers
Abstract: Most automated program verifiers for separation logic use either symbolic execution or verification condition generation to extract proof obligations, which are then handed over to an SMT solver. Existing verification algorithms are designed to be ...
- short-paper, July 2024
Path Exploration Strategy for Symbolic Execution based on Multi-strategy Active Learning
Internetware '24: Proceedings of the 15th Asia-Pacific Symposium on Internetware, Pages 165–168, https://doi.org/10.1145/3671016.3671403
This paper proposes a novel symbolic execution path exploration strategy named MS-ALS (Multi-strategy Active Learning Search). MS-ALS integrates multiple heuristic methods and introduces a machine learning model to learn symbolic states of program paths ...
- research-article, July 2024
Efficiently Detecting Reentrancy Vulnerabilities in Complex Smart Contracts
Proceedings of the ACM on Software Engineering (PACMSE), Volume 1, Issue FSE, Article No.: 8, Pages 161–181, https://doi.org/10.1145/3643734
Reentrancy vulnerability, as one of the most notorious vulnerabilities, has been a prominent topic in smart contract security research. Research shows that existing vulnerability detection presents a range of challenges, especially as smart contracts ...
- research-article, July 2024
HyperGo: Probability-based directed hybrid fuzzing
Abstract: Directed grey-box fuzzing (DGF) is a target-guided form of fuzzing intended for testing specific targets (e.g., the potentially buggy code). Despite numerous techniques proposed to enhance directedness, the existing DGF techniques still face challenges, ...
- research-article, July 2024
PASDA: A partition-based semantic differencing approach with best effort classification of undecided cases
Journal of Systems and Software (JSSO), Volume 213, Issue C, https://doi.org/10.1016/j.jss.2024.112037
Abstract: Equivalence checking is used to verify whether two programs produce equivalent outputs when given equivalent inputs. Research in this field has mainly focused on improving equivalence checking accuracy and runtime performance. However, for program ...
Highlights:
- We present PASDA, a new partition-based semantic differencing approach.
- PASDA has higher equivalence checking accuracy than three existing approaches.
- In addition, PASDA provides best effort classifications for undecided cases.
- research-article, June 2024
Automated test data generation and stubbing method for C/C++ embedded projects
Automated Software Engineering (KLU-AUSE), Volume 31, Issue 2, https://doi.org/10.1007/s10515-024-00449-6
Abstract: Automated test data generation for unit testing C/C++ functions using concolic testing has been known for improving software quality while reducing human testing effort. However, concolic testing could face challenging problems when tackling ...
- research-article, July 2024
Testing concolic execution through consistency checks
Journal of Systems and Software (JSSO), Volume 211, Issue C, https://doi.org/10.1016/j.jss.2024.112001
Abstract: Symbolic execution is a well-known software testing technique that evaluates how a program runs when considering a symbolic input, i.e., an input that can initially assume any concrete value admissible for its data type. The dynamic twist of this ...
Highlights:
- We identify the main steps carried out by recent concolic frameworks during their analysis, pinpointing where implementation bugs may emerge.
- We propose a set of novel and practical ideas on how to identify implementation gaps in ...
- research-article, July 2024
HD-FUZZ: Hardware dependency-aware firmware fuzzing via hybrid MMIO modeling
Journal of Network and Computer Applications (JNCA), Volume 224, Issue C, https://doi.org/10.1016/j.jnca.2024.103835
Abstract: Numerous interconnected small embedded systems, such as Internet of Things (IoT) devices, are pervasive in our daily lives; however, their security lags behind. In particular, firmware vulnerabilities in low-level infrastructure have a more ...
- research-article, March 2024
Ethchecker: a context-guided fuzzing for smart contracts
The Journal of Supercomputing (JSCO), Volume 80, Issue 10, Pages 13949–13975, https://doi.org/10.1007/s11227-024-05954-9
Abstract: Ethereum is the most widely used open-source public chain project, with smart contracts serving as the pattern for developing decentralized applications. The prevalence of attacks against smart contracts has increased in recent years due to the ...
- Article, March 2024
DDoSMiner: An Automated Framework for DDoS Attack Characterization and Vulnerability Mining
Abstract: With the continued growth of the Internet, Distributed Denial of Service (DDoS) attacks are on the rise. As rule-based traffic analysis frameworks and Deep Packet Inspection (DPI) defense measures can effectively thwart many DDoS attacks, ...
- research-article, January 2024
HyperPUT: generating synthetic faulty programs to challenge bug-finding tools
Empirical Software Engineering (KLU-EMSE), Volume 29, Issue 2, https://doi.org/10.1007/s10664-023-10430-8
Abstract: As research in automatically detecting bugs grows and produces new techniques, having suitable collections of programs with known bugs becomes crucial to reliably and meaningfully compare the effectiveness of these techniques. Most of the existing ...
- Article, December 2023
Denotational Semantics for Symbolic Execution
Theoretical Aspects of Computing – ICTAC 2023, Pages 370–387, https://doi.org/10.1007/978-3-031-47963-2_22
Abstract: Symbolic execution is a technique to systematically explore all possible paths through a program. This technique can be formally explained by means of small-step transition systems that update symbolic states and compute a precondition ...
- Article, November 2023
Guiding Symbolic Execution with A-Star
Abstract: Symbolic execution is widely used to detect vulnerabilities in software. The idea is to symbolically execute the program in order to find an executable path to a target instruction. For the analysis to be fully accurate, it must be performed on ...
Formally Verifying Optimizations with Block Simulations
Proceedings of the ACM on Programming Languages (PACMPL), Volume 7, Issue OOPSLA2, Article No.: 224, Pages 59–88, https://doi.org/10.1145/3622799
CompCert (ACM Software System Award 2021) is the first industrial-strength compiler with a mechanically checked proof of correctness. Yet, CompCert remains a moderately optimizing C compiler. Indeed, some optimizations of “gcc -O1” such as Lazy Code ...
- research-article, July 2023
What makes test programs similar in microservices applications?
Journal of Systems and Software (JSSO), Volume 201, Issue C, https://doi.org/10.1016/j.jss.2023.111674
Abstract: The emergence of microservices architecture calls for novel methodologies and technological frameworks that support the design, development, and maintenance of applications structured according to this new architectural style. In this paper, we ...
Highlights:
- Support the design of regression testing strategies in microservices applications.
- The dynamic analysis of test programs discloses their implicit relations.
- Test programs’ information is collected by means of concrete and symbolic ...
- research-article, May 2023
Towards rigorous understanding of neural networks via semantics-preserving transformations
International Journal on Software Tools for Technology Transfer (STTT), Volume 25, Issue 3, Pages 301–327, https://doi.org/10.1007/s10009-023-00700-7
Abstract: In this paper, we present an algebraic approach to the precise and global verification and explanation of Rectifier Neural Networks, a subclass of Piece-wise Linear Neural Networks (PLNNs), i.e., networks that semantically represent piece-wise ...
- research-article, May 2023
sem2vec: Semantics-aware Assembly Tracelet Embedding
ACM Transactions on Software Engineering and Methodology (TOSEM), Volume 32, Issue 4, Article No.: 90, Pages 1–34, https://doi.org/10.1145/3569933
Binary code similarity is the foundation of many security and software engineering applications. Recent works leverage deep neural networks (DNN) to learn a numeric vector representation (namely, embeddings) of assembly functions, enabling similarity ...
- research-article, May 2023
A unit-based symbolic execution method for detecting memory corruption vulnerabilities in executable codes
International Journal of Information Security (IJOIS), Volume 22, Issue 5, Pages 1277–1290, https://doi.org/10.1007/s10207-023-00691-1
Abstract: Memory corruption is a serious class of software vulnerabilities, which requires careful attention to be detected and removed from applications before being exploited and harming the system's users. Symbolic execution is a well-known method for ...
- research-article, May 2023
Automatically generating test cases for safety-critical software via symbolic execution
Journal of Systems and Software (JSSO), Volume 199, Issue C, https://doi.org/10.1016/j.jss.2023.111629
Abstract: Automated test generation based on symbolic execution can be beneficial for systematically testing safety-critical software, helping test engineers meet the strict testing requirements mandated by the certification standards,...