A survey of symbolic execution techniques
Many security and software testing applications require checking whether certain properties
of a program hold for any possible usage scenario. For instance, a tool for identifying …
A survey of binary code similarity
IU Haq, J Caballero - ACM Computing Surveys (CSUR), 2021 - dl.acm.org
Binary code similarity approaches compare two or more pieces of binary code to identify their
similarities and differences. The ability to compare binary code enables many real-world …
Unleashing mayhem on binary code
In this paper we present Mayhem, a new system for automatically finding exploitable bugs in
binary (i.e., executable) programs. Every bug reported by Mayhem is accompanied by a …
S2E: A platform for in-vivo multi-path analysis of software systems
This paper presents S2E, a platform for analyzing the properties and behavior of software
systems. We demonstrate S2E's use in developing practical tools for comprehensive …
Program-adaptive mutational fuzzing
We present the design of an algorithm to maximize the number of bugs found for black-box
mutational fuzzing given a program and a seed input. The major intuition is to leverage white …
BAP: A binary analysis platform
D Brumley, I Jager, T Avgerinos… - … , UT, USA, July 14-20, 2011 …, 2011 - Springer
BAP is a publicly available infrastructure for performing program verification and analysis
tasks on binary (i.e., executable) code. In this paper, we describe BAP as well as lessons …
Automatic exploit generation
Contributed article, Communications of the ACM, February 2014, Vol. 57, No. 2, page 74.
Attackers commonly exploit buggy programs to break into …
BYTEWEIGHT: Learning to recognize functions in binary code
Function identification is a fundamental challenge in reverse engineering and binary
program analysis. For instance, binary rewriting and control flow integrity rely on accurate …
Enhancing symbolic execution with veritesting
We present MergePoint, a new binary-only symbolic execution system for large-scale and
fully unassisted testing of commodity off-the-shelf (COTS) software. MergePoint introduces …
ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS
A Armstrong, T Bauereiss, B Campbell, A Reid… - Proceedings of the …, 2019 - dl.acm.org
Architecture specifications notionally define the fundamental interface between hardware
and software: the envelope of allowed behaviour for processor implementations, and the …