Patrice Godefroid, Adam Kiezun, and Michael Y. Levin. “Grammar-based whitebox fuzzing”. In Programming Language Design and Implementation (PLDI), pages 206–215, Tucson, AZ, USA, June 2008.
[ACM]
Kin-Keung Ma, Khoo Yit Phang, Jeffrey S. Foster, and Michael Hicks. “Directed symbolic execution”. In Static Analysis Symposium (SAS), pages 95–111, Venice, Italy, September 2011.
[Springer]
Question: One of the papers referenced in the second of the main readings is a somewhat older one by J. M. Morris on “A general axiom of assignment”. Because of its age, it isn't as easily available online as more recent CS papers tend to be. If you wanted to read this paper, what would you need to do to get a copy? Do a little preliminary research on the web to see what your options would be: they might differ in terms of the cost or the time before you got access. (As of this writing I was able to find “3 and a half” possibilities.)
Domagoj Babić, Lorenzo Martignoni, Stephen McCamant, and Dawn Song. “Statically-directed dynamic automated test generation”. In International Symposium on Software Testing and Analysis (ISSTA), pages 12–22, Toronto, ON, Canada, July 2011.
[ACM]
This paper describes a technique using symbolic execution to create test cases for warnings found by static analysis of a dynamically disassembled binary representation. It also represents another example (along with the SAS paper in the main readings) of a technique for guiding symbolic execution to a particular program location.
Patrice Godefroid and Daniel Luchaup. “Automatic partial loop summarization in dynamic test generation”. In International Symposium on Software Testing and Analysis (ISSTA), pages 23–33, Toronto, ON, Canada, July 2011.
[ACM]
Another important research question in symbolic execution, exemplified by this paper, is how to deal more efficiently with loops than just unrolling every iteration as a separate branch.
Sang Kil Cha, Thanassis Avgerinos, Alexandre Rebert, and David Brumley. “Unleashing Mayhem on binary code”. In IEEE Symposium on Security and Privacy “Oakland”, pages 380–394, San Francisco, CA, USA, May 2012.
[IEEE Xplore]
In addition to focusing more explicitly on security vulnerabilities, this paper describes some techniques for dealing efficiently with lookup tables.