Discover deeper bugs with dynamic symbolic execution and coverage-based fuzz testing

Coverage-based fuzz testing and dynamic symbolic execution are both popular program testing techniques. However, on their own, both techniques suffer from scalability problems when considering the complexity of modern software. Hybrid testing methods attempt to mitigate these problems by leveraging dynamic symbolic execution to assist fuzz testing. Unfortunately, the efficiency of such methods is still limited by specific program structures and the schedule of seed files. In this study, the authors introduce a novel lazy symbolic pointer concretisation method and a symbolic loop bucket optimisation to mitigate path explosion caused by dynamic symbolic execution in hybrid testing. They also propose a distance-based seed selection method to rearrange the seed queue of the fuzzer engine in order to achieve higher coverage. They implemented a prototype and evaluate its ability to find vulnerabilities in software and cover new execution paths. They show on different benchmarks that it can find more crashes than other off-the-shelf vulnerability detection tools. They also show that the proposed method can discover 43% more unique paths than vanilla fuzz testing.

Discover deeper bugs with dynamic symbolic execution and coverage-based fuzz testing

Graph Chatbot

Tension-tension fatigue behavior of basalt composite hybrid joints

To Infinity, and Beyond (Coverage)

Enhancing higher education through hybrid and flipped learning: Experiences from the GRE@T-PIONEeR project

Tension-tension fatigue behavior of basalt composite hybrid joints

To Infinity, and Beyond (Coverage)

Enhancing higher education through hybrid and flipped learning: Experiences from the GRE@T-PIONEeR project