research-article

Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries

Authors:

Guangtai Liang,

Yao GuoAuthors Info & Claims

ISSTA 2023: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

Pages 385 - 397

https://doi.org/10.1145/3597926.3598064

Published: 13 July 2023 Publication History

Abstract

Although existing techniques have proposed automated approaches to alleviate the path explosion problem of symbolic execution, users still need to optimize symbolic execution by applying various searching strategies carefully. As existing approaches mainly support only coarse-grained global searching strategies, they cannot efficiently traverse through complex code structures. In this paper, we propose Eunomia, a symbolic execution technique that supports fine-grained search with local domain knowledge. Eunomia uses Aes, a DSL that lets users specify local searching strategies for different parts of the program. Eunomia also isolates the context of variables for different local searching strategies, avoiding conflicts. We implement Eunomia for WebAssembly, which can analyze applications written in various languages. Eunomia is the first symbolic execution engine that supports the full features of WebAssembly. We evaluate Eunomia with a microbenchmark suite and six real-world applications. Our evaluation shows that Eunomia improves bug detection by up to three orders of magnitude. We also conduct a user study that shows the benefits of using Aes. Moreover, Eunomia verifies six known bugs and detects two new zero-day bugs in Collections-C.

References

[1]

Frances E Allen. 1970. Control flow analysis. ACM Sigplan Notices, 5, 7 (1970), 1–19. https://doi.org/10.1145/390013.808479

Digital Library

[2]

altermarkive. 2022. Crypto miner on webpages. https://github.com/altermarkive/javascript-emscripten-bitcoin-miner

[3]

Thanassis Avgerinos, Alexandre Rebert, Sang Kil Cha, and David Brumley. 2014. Enhancing symbolic execution with veritesting. In Proceedings of the 36th International Conference on Software Engineering. 1083–1094. https://doi.org/10.1145/2568225.2568293

Digital Library

[4]

Roberto Baldoni, Emilio Coppa, Daniele Cono D’elia, Camil Demetrescu, and Irene Finocchi. 2018. A survey of symbolic execution techniques. ACM Computing Surveys (CSUR), 51, 3 (2018), 1–39. https://doi.org/10.1145/3182657

Digital Library

[5]

Matthew Bocci, Thomas Nadeau, Luca Martini, Samer Salam, Ali Sajassi, and Satoru Matsushima. 2014. Inter-Chassis Communication Protocol for Layer 2 Virtual Private Network (L2VPN) Provider Edge (PE) Redundancy. RFC 7275. https://doi.org/10.17487/RFC7275

Digital Library

[6]

Fraser Brown, Deian Stefan, and Dawson Engler. 2020. Sys: a static/symbolic tool for finding good bugs in good (browser) code. In 29th $USENIX$ Security Symposium ($USENIX$ Security 20). 199–216.

[7]

Cristian Cadar, Daniel Dunbar, and Dawson R Engler. 2008. Klee: unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI. 8, 209–224.

Digital Library

[8]

Cristian Cadar, Vijay Ganesh, Peter M Pawlowski, David L Dill, and Dawson R Engler. 2008. EXE: Automatically generating inputs of death. ACM Transactions on Information and System Security (TISSEC), 12, 2 (2008), 1–38. https://doi.org/10.1145/1455518.1455522

Digital Library

[9]

Cristian Cadar, Patrice Godefroid, Sarfraz Khurshid, Corina S Pasareanu, Koushik Sen, Nikolai Tillmann, and Willem Visser. 2011. Symbolic execution for software testing in practice: preliminary assessment. In 2011 33rd International Conference on Software Engineering (ICSE). 1066–1071. https://doi.org/10.1145/1985793.1985995

Digital Library

[10]

Marek Chalupa, Tomáš Jašek, Jakub Novák, Anna Řechtáčková, Veronika Šoková, and Jan Strejček. 2021. Symbiotic 8: Beyond Symbolic Execution:(Competition Contribution). Tools and Algorithms for the Construction and Analysis of Systems, 12652 (2021), 453. https://doi.org/10.1007/978-3-030-72013-1_31

Digital Library

[11]

Yaohui Chen, Peng Li, Jun Xu, Shengjian Guo, Rundong Zhou, Yulong Zhang, Tao Wei, and Long Lu. 2020. SAVIOR: Towards Bug-Driven Hybrid Testing. In 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, May 18-21, 2020. IEEE, 1580–1596. https://doi.org/10.1109/SP40000.2020.00002

[12]

Vitaly Chipounov, Vlad Georgescu, Cristian Zamfir, and George Candea. 2009. Selective symbolic execution. In Proceedings of the 5th Workshop on Hot Topics in System Dependability (HotDep).

[13]

Maria Christakis, Peter Müller, and Valentin Wüstholz. 2016. Guiding dynamic symbolic execution toward unverified program executions. In Proceedings of the 38th International Conference on Software Engineering. 144–155. https://doi.org/10.1145/2884781.2884843

Digital Library

[14]

Christoph Csallner and Yannis Smaragdakis. 2005. Check’n’Crash: Combining static checking and testing. In Proceedings of the 27th international conference on Software engineering. 422–431. https://doi.org/10.1145/1062455.1062533

Digital Library

[15]

Heming Cui, Gang Hu, Jingyue Wu, and Junfeng Yang. 2013. Verifying systems rules using rule-directed symbolic execution. ACM SIGPLAN Notices, 48, 4 (2013), 329–342. https://doi.org/10.1145/2499368.2451152

Digital Library

[16]

Leonardo De Moura and Nikolaj Bjørner. 2008. Z3: An efficient SMT solver. In International conference on Tools and Algorithms for the Construction and Analysis of Systems. 337–340. https://doi.org/10.1007/978-3-540-78800-3_24

[17]

Robert Dockins, Adam Foltzer, Joe Hendrix, Brian Huffman, Dylan McNamee, and Aaron Tomb. 2016. Constructing semantic models of programs with the software analysis workbench. In Working Conference on Verified Software: Theories, Tools, and Experiments. 56–72. https://doi.org/10.1007/978-3-319-48869-1_5

[18]

Dennis Dube and Jacques Camerini. 2002. MODBUS Application Protocol. Internet Engineering Task Force. https://datatracker.ietf.org/doc/draft-dube-modbus-applproto/00/ Work in Progress

[19]

Bassem Elkarablieh, Patrice Godefroid, and Michael Y Levin. 2009. Precise pointer reasoning for dynamic test generation. In Proceedings of the eighteenth international symposium on Software testing and analysis. 129–140. https://doi.org/10.1145/1572272.1572288

Digital Library

[20]

Dawson Engler and Daniel Dunbar. 2007. Under-constrained execution: making automatic code destruction easy and scalable. In Proceedings of the 2007 international symposium on Software testing and analysis. 1–4. https://doi.org/10.1145/1273463.1273464

Digital Library

[21]

Xiang Fu and Kai Qian. 2008. SAFELI: SQL injection scanner using symbolic execution. In Proceedings of the 2008 workshop on Testing, analysis, and verification of web services and applications. 34–39. https://doi.org/10.1145/1390832.1390838

Digital Library

[22]

Phani Kishore Gadepalli, Sean McBride, Gregor Peach, Ludmila Cherkasova, and Gabriel Parmer. 2020. Sledge: a serverless-first, light-weight wasm runtime for the edge. In Proceedings of the 21st International Middleware Conference. 265–279. https://doi.org/10.1145/3423211.3425680

Digital Library

[23]

golang. 2022. GitHub page of Snappy. https://github.com/golang/snappy

[24]

golang. 2022. Home page of image package. https://pkg.go.dev/image

[25]

golang. 2022. Implementation of sprintf in Go. https://github.com/golang/go/blob/master/src/fmt/print.go

[26]

Shengjian Guo, Yueqi Chen, Peng Li, Yueqiang Cheng, Huibo Wang, Meng Wu, and Zhiqiang Zuo. 2020. SpecuSym: speculative symbolic execution for cache timing leak detection. In ICSE ’20: 42nd International Conference on Software Engineering, Seoul, South Korea, 27 June - 19 July, 2020. ACM, 1235–1247.

Digital Library

[27]

Shengjian Guo, Yueqi Chen, Jiyong Yu, Meng Wu, Zhiqiang Zuo, Peng Li, Yueqiang Cheng, and Huibo Wang. 2020. Exposing cache timing side-channel leaks through out-of-order symbolic execution. Proc. ACM Program. Lang., 4, OOPSLA (2020), 147:1–147:32.

Digital Library

[28]

Shengjian Guo, Meng Wu, and Chao Wang. 2018. Adversarial symbolic execution for detecting concurrency-related cache timing leaks. In Proceedings of the 2018 ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, ESEC/SIGSOFT FSE 2018, Lake Buena Vista, FL, USA, November 04-09, 2018. ACM, 377–388.

Digital Library

[29]

Andreas Haas, Andreas Rossberg, Derek L Schuff, Ben L Titzer, Michael Holman, Dan Gohman, Luke Wagner, Alon Zakai, and JF Bastien. 2017. Bringing the web up to speed with WebAssembly. In Proceedings of the 38th ACM SIGPLAN Conference on Programming Language Design and Implementation. 185–200. https://doi.org/10.1145/3062341.3062363

Digital Library

[30]

Jingxuan He, Mislav Balunović, Nodar Ambroladze, Petar Tsankov, and Martin Vechev. 2019. Learning to fuzz from symbolic execution with application to smart contracts. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 531–548. https://doi.org/10.1145/3319535.3363230

Digital Library

[31]

Jingxuan He, Gishor Sivanrupan, Petar Tsankov, and Martin Vechev. 2021. Learning to Explore Paths for Symbolic Execution. In Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security. 2526–2540. https://doi.org/10.1145/3460120.3484813

Digital Library

[32]

Ningyu He, Ruiyi Zhang, Haoyu Wang, Lei Wu, Xiapu Luo, Yao Guo, Ting Yu, and Xuxian Jiang. 2021. $EOSAFE$: Security Analysis of $EOSIO$ Smart Contracts. In 30th $USENIX$ Security Symposium ($USENIX$ Security 21).

[33]

Grant Hernandez, Farhaan Fowze, Dave Tian, Tuba Yavuz, and Kevin RB Butler. 2017. Firmusb: Vetting usb device firmware using domain informed symbolic execution. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. 2245–2262. https://doi.org/10.1145/3133956.3134050

Digital Library

[34]

Hexops. 2022. Game engine and graphics toolkit. https://github.com/hexops/mach

[35]

Joerg Schulenburg. 2022. Official page of GOCR. https://jocr.sourceforge.net/

[36]

Kyungtae Kim, Dae R Jeong, Chung Hwan Kim, Yeongjin Jang, Insik Shin, and Byoungyoung Lee. 2020. HFL: Hybrid Fuzzing on the Linux Kernel. In NDSS. https://dx.doi.org/10.14722/ndss.2020.24018

[37]

James C King. 1976. Symbolic execution and program testing. Commun. ACM, 19, 7 (1976), 385–394. https://doi.org/10.1145/360248.360252

Digital Library

[38]

Ronny Ko, James Mickens, Blake Loring, and Ravi Netravali. 2021. Oblique: Accelerating Page Loads Using Symbolic Execution. In 18th $USENIX$ Symposium on Networked Systems Design and Implementation ($NSDI$ 21). 289–302.

[39]

Daniel Kroening and Michael Tautschnig. 2014. CBMC – C Bounded Model Checker. In Tools and Algorithms for the Construction and Analysis of Systems, Erika Ábrahám and Klaus Havelund (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg. 389–391. isbn:978-3-642-54862-8

[40]

You Li, Zhendong Su, Linzhang Wang, and Xuandong Li. 2013. Steering symbolic execution to less traveled paths. ACM SigPlan Notices, 48, 10 (2013), 19–32. https://doi.org/10.1145/2544173.2509553

Digital Library

[41]

Linux. 2022. Official page of dnstracer. https://linux.die.net/man/8/dnstracer

[42]

Lannan Luo, Qiang Zeng, Bokai Yang, Fei Zuo, and Junzhe Wang. 2021. Westworld: Fuzzing-Assisted Remote Dynamic Symbolic Execution of Smart Apps on IoT Cloud Platforms. In Annual Computer Security Applications Conference. 982–995. https://doi.org/10.1145/3485832.3488022

Digital Library

[43]

Kin-Keung Ma, Khoo Yit Phang, Jeffrey S Foster, and Michael Hicks. 2011. Directed symbolic execution. In International Static Analysis Symposium. 95–111. https://doi.org/10.1007/978-3-642-23702-7_11

[44]

Mihai Maganu. 2022. WebAssembly is abused by e-criminals. https://www.crowdstrike.com/blog/ecriminals-increasingly-use-webassembly-to-hide-malware/

[45]

Mark Mossberg, Felipe Manzano, Eric Hennenfent, Alex Groce, Gustavo Grieco, Josselin Feist, Trent Brunson, and Artem Dinaburg. 2019. Manticore: A user-friendly symbolic execution framework for binaries and smart contracts. In 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE). 1186–1189. https://doi.org/10.1109/ASE.2019.00133

Digital Library

[46]

BoSun Park, JinGyo Song, and Seog Chung Seo. 2020. Efficient Implementation of a Crypto Library Using Web Assembly. Electronics, 9, 11 (2020), 1839. https://www.mdpi.com/2079-9292/9/11/1839

[47]

Anton Permenev, Dimitar Dimitrov, Petar Tsankov, Dana Drachsler-Cohen, and Martin Vechev. 2020. Verx: Safety verification of smart contracts. In 2020 IEEE Symposium on Security and Privacy (SP). 1661–1677. https://doi.org/10.1109/SP40000.2020.00024

[48]

David A Ramos and Dawson Engler. 2015. Under-constrained symbolic execution: Correctness checking for real code. In 24th $USENIX$ Security Symposium ($USENIX$ Security 15). 49–64.

[49]

Sandra Rapps and Elaine J. Weyuker. 1985. Selecting Software Test Data Using Data Flow Information. IEEE Trans. Softw. Eng., 11, 4 (1985), apr, 367–375. issn:0098-5589 https://doi.org/10.1109/TSE.1985.232226

Digital Library

[50]

Nicola Ruaro, Kyle Zeng, Lukas Dresel, Mario Polino, Tiffany Bao, Andrea Continella, Stefano Zanero, Christopher Kruegel, and Giovanni Vigna. 2021. SyML: Guiding symbolic execution toward vulnerable states through pattern learning. In 24th International Symposium on Research in Attacks, Intrusions and Defenses. 456–468. https://doi.org/10.1145/3471621.3471865

Digital Library

[51]

Vaibhav Sharma, Soha Hussein, Michael W Whalen, Stephen McCamant, and Willem Visser. 2020. Java Ranger: Statically summarizing regions for efficient symbolic execution of Java. In Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. 123–134. https://doi.org/10.1145/3368089.3409734

Digital Library

[52]

Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Andrew Dutcher, John Grosen, Siji Feng, Christophe Hauser, and Christopher Kruegel. 2016. Sok:(state of) the art of war: Offensive techniques in binary analysis. In 2016 IEEE Symposium on Security and Privacy (SP). 138–157. https://doi.org/10.1109/SP.2016.17

[53]

Amritraj Singh, Reza M Parizi, Qi Zhang, Kim-Kwang Raymond Choo, and Ali Dehghantanha. 2020. Blockchain smart contracts formalization: Approaches and challenges to address vulnerabilities. Computers & Security, 88 (2020), 101654. https://doi.org/10.1016/j.cose.2019.101654

Digital Library

[54]

Sunbeom So, Seongjoon Hong, and Hakjoo Oh. 2021. SMARTEST: Effectively Hunting Vulnerable Transaction Sequences in Smart Contracts through Language Model-Guided Symbolic Execution. In 30th $USENIX$ Security Symposium ($USENIX$ Security 21).

[55]

srdja. 2022. Collections-C, a library for data structures in C. https://github.com/srdja/Collections-C

[56]

Nick Stephens, John Grosen, Christopher Salls, Andrew Dutcher, Ruoyu Wang, Jacopo Corbetta, Yan Shoshitaishvili, Christopher Kruegel, and Giovanni Vigna. 2016. Driller: Augmenting fuzzing through selective symbolic execution. In NDSS. 16, 1–16. http://dx.doi.org/10.14722/ndss.2016.23368

[57]

David Trabish, Andrea Mattavelli, Noam Rinetzky, and Cristian Cadar. 2018. Chopped symbolic execution. In Proceedings of the 40th International Conference on Software Engineering. 350–360. https://doi.org/10.1145/3180155.3180251

Digital Library

[58]

Vladimír Vondruš. 2022. Graphics middleware libraries. https://github.com/mosra/magnum

[59]

w3reality. 2021. Multithreading library for Rust and WebAssembly. https://github.com/w3reality/wasm-mt

[60]

Dong Wang, Bo Jiang, and WK Chan. 2020. WANA: Symbolic Execution of Wasm Bytecode for Cross-Platform Smart Contract Vulnerability Detection. arXiv preprint arXiv:2007.15510.

[61]

Fish Wang and Yan Shoshitaishvili. 2017. Angr-the next generation of binary analysis. In 2017 IEEE Cybersecurity Development (SecDev). 8–9. https://doi.org/10.1109/SecDev.2017.14

[62]

WebAssembly. 2021. WebAssembly Official Site. https://webassembly.org/

[63]

WebAssembly. 2022. A standard interface between WebAssembly and external environments. https://wasi.dev/

[64]

Xusheng Xiao, Sihan Li, Tao Xie, and Nikolai Tillmann. 2013. Characteristic studies of loop problems for structural test generation via symbolic execution. In 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE). 246–256. https://doi.org/10.1109/ASE.2013.6693084

Digital Library

[65]

Tao Xie, Nikolai Tillmann, Jonathan De Halleux, and Wolfram Schulte. 2009. Fitness-guided path exploration in dynamic symbolic execution. In 2009 IEEE/IFIP International Conference on Dependable Systems & Networks. 359–368. https://doi.org/10.1109/DSN.2009.5270315

[66]

Hui Xu, Zirui Zhao, Yangfan Zhou, and Michael R Lyu. 2018. Benchmarking the capability of symbolic execution tools with logic bombs. IEEE Transactions on Dependable and Secure Computing, 17, 6 (2018), 1243–1256. https://doi.org/10.1109/TDSC.2018.2866469

[67]

Guowei Yang, Corina S. Păsăreanu, and Sarfraz Khurshid. 2012. Memoized Symbolic Execution. In Proceedings of the 2012 International Symposium on Software Testing and Analysis (ISSTA 2012). Association for Computing Machinery, New York, NY, USA. 144–154. isbn:9781450314541 https://doi.org/10.1145/2338965.2336771

Digital Library

[68]

Junfeng Yang, Can Sar, Paul Twohey, Cristian Cadar, and Dawson Engler. 2006. Automatically generating malicious disks using symbolic execution. In 2006 IEEE Symposium on Security and Privacy (S&P’06). 15–pp. https://doi.org/10.1109/SP.2006.7

Digital Library

[69]

Yao Yao, Wei Zhou, Yan Jia, Lipeng Zhu, Peng Liu, and Yuqing Zhang. 2019. Identifying privilege separation vulnerabilities in IoT firmware with symbolic execution. In European Symposium on Research in Computer Security. 638–657. https://doi.org/10.1007/978-3-030-29959-0_31

Digital Library

[70]

Qiuping Yi, Zijiang Yang, Shengjian Guo, Chao Wang, Jian Liu, and Chen Zhao. 2015. Postconditioned symbolic execution. In 2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST). 1–10. https://doi.org/10.1109/ICST.2015.7102601

[71]

Qiuping Yi, Zijiang Yang, Shengjian Guo, Chao Wang, Jian Liu, and Chen Zhao. 2017. Eliminating path redundancy via postconditioned symbolic execution. IEEE Transactions on Software Engineering, 44, 1 (2017), 25–43. https://doi.org/10.1109/TSE.2017.2659751

Digital Library

Cited By

Wang YZhang ZHe NZhong ZGuo SBao QLi DGuo YChen XMeng WJensen CCremers CKirda E(2023)SymGX: Detecting Cross-boundary Pointer Vulnerabilities of SGX Applications via Static Symbolic ExecutionProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623213(2710-2724)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623213

Index Terms

Eunomia: Enabling User-Specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries
1. Security and privacy
  1. Software and application security
    1. Software security engineering
2. Software and its engineering
  1. Software creation and management
    1. Software verification and validation

Recommendations

Eunomia: Scaling Concurrent Search Trees under Contention Using HTM
PPoPP '17

While hardware transactional memory (HTM) has recently been adopted to construct efficient concurrent search tree structures, such designs fail to deliver scalable performance under contention. In this paper, we first conduct a detailed analysis on an ...
Eunomia: Scaling Concurrent Search Trees under Contention Using HTM
PPoPP '17: Proceedings of the 22nd ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming

While hardware transactional memory (HTM) has recently been adopted to construct efficient concurrent search tree structures, such designs fail to deliver scalable performance under contention. In this paper, we first conduct a detailed analysis on an ...
FineLock: automatically refactoring coarse-grained locks into fine-grained locks
ISSTA 2020: Proceedings of the 29th ACM SIGSOFT International Symposium on Software Testing and Analysis

Lock is a frequently-used synchronization mechanism to enforce exclusive access to a shared resource. However, lock-based concurrent programs are susceptible to lock contention, which leads to low performance and poor scalability. Furthermore, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ISSTA 2023: Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

July 2023

1554 pages

ISBN:9798400702211

DOI:10.1145/3597926

General Chair:
René Just
University of Washington, USA
,
Program Chair:
Gordon Fraser
University of Passau, Germany

Copyright © 2023 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 July 2023

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ISSTA '23

Sponsor:

SIGSOFT

ISSTA '23: 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis

July 17 - 21, 2023

WA, Seattle, USA

Acceptance Rates

Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '24

Sponsor:
sigsoft

33rd ACM SIGSOFT International Symposium on Software Testing and Analysis

September 16 - 20, 2024

Vienna , Austria

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
204
Total Downloads

Downloads (Last 12 months)204
Downloads (Last 6 weeks)16

Reflects downloads up to

Other Metrics

View Author Metrics

Citations

Cited By

Wang YZhang ZHe NZhong ZGuo SBao QLi DGuo YChen XMeng WJensen CCremers CKirda E(2023)SymGX: Detecting Cross-boundary Pointer Vulnerabilities of SGX Applications via Static Symbolic ExecutionProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623213(2710-2724)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623213

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents