Over the past 20 years, our society has become increasingly dependent on software. Today, we rely on software for our financial transactions, our work, our communications, even our social contacts. A single software aw is enough to cause irreparable damage, and as our reliance on software increases, so does our need for developing systematic techniques that check the software we use for critical vulnerabilities. In this dissertation, we investigate trade-os in symbolic execution for identifying security-critical bugs. In the first part of the dissertation, we present symbolic execution systems capable of demonstrating control ow hijacks on real-world programs both at the source, and binary level. By exploiting specific trade-os in symbolic ...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
Modern software systems require the support of automatic program analyses to answer questions about ...
Software bugs are expensive. Recent estimates by the US National Institute of Standards and Technolo...
<p>Over the past 20 years, our society has become increasingly dependent on software. Today, we rely...
Our computers, phones, and other smart devices are running a vast and ever increasing amount of soft...
Many security and software testing applications require checking whether certain properties of a pro...
Abstract—In this paper we present MAYHEM, a new sys-tem for automatically finding exploitable bugs i...
The ramping up use of network connected devices is providing hackers more incentives and opportuniti...
Abstract—In this paper we present MAYHEM, a new sys-tem for automatically finding exploitable bugs i...
Fuzz testing has proven successful in finding security vulnerabilities in large programs. However, t...
Symbolic execution is one of the most powerful tools in static analysis for finding bugs. In this te...
Software plays an important role in everyday life, from consumer applications to mission-critical sy...
University of Minnesota Ph.D. dissertation. 2021. Major: Computer Science. Advisor: Stephen McCamant...
Symbolic execution is widely used to detect vulnerabilities in software. The idea is to symbolically...
Quantitative program analysis is an emerging area with applications to software testing and security...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
Modern software systems require the support of automatic program analyses to answer questions about ...
Software bugs are expensive. Recent estimates by the US National Institute of Standards and Technolo...
<p>Over the past 20 years, our society has become increasingly dependent on software. Today, we rely...
Our computers, phones, and other smart devices are running a vast and ever increasing amount of soft...
Many security and software testing applications require checking whether certain properties of a pro...
Abstract—In this paper we present MAYHEM, a new sys-tem for automatically finding exploitable bugs i...
The ramping up use of network connected devices is providing hackers more incentives and opportuniti...
Abstract—In this paper we present MAYHEM, a new sys-tem for automatically finding exploitable bugs i...
Fuzz testing has proven successful in finding security vulnerabilities in large programs. However, t...
Symbolic execution is one of the most powerful tools in static analysis for finding bugs. In this te...
Software plays an important role in everyday life, from consumer applications to mission-critical sy...
University of Minnesota Ph.D. dissertation. 2021. Major: Computer Science. Advisor: Stephen McCamant...
Symbolic execution is widely used to detect vulnerabilities in software. The idea is to symbolically...
Quantitative program analysis is an emerging area with applications to software testing and security...
International audienceThis paper presents a fully automated technique to find and trigger Use-After-...
Modern software systems require the support of automatic program analyses to answer questions about ...
Software bugs are expensive. Recent estimates by the US National Institute of Standards and Technolo...