Symbolic execution is widely used to detect vulnerabilities in software. The idea is to symbolically execute the program in order to find an executable path to a target instruction. For the analysis to be fully accurate, it must be performed on the binary code, which makes the well-known issue of state explosion even more critical. In this paper, we introduce a novel exploration strategy for symbolic execution aiming to limit the number of explored paths. Our strategy is inspired by the A* algorithm and steered towards the least explored parts of the program. We compare our approach, using the Binsec tool, to three other classical strategies: Depth-First (DFS), Breadth-First (BFS) and Non-Uniform Random (NURS). Our experiments on real-size pr...
Abstract—In this paper we present MAYHEM, a new system for automatically finding exploitable bugs i...
Symbolic execution is a powerful program analysis technique that systematically explores multiple pr...
Many security and software testing applications require checking whether certain properties of a pro...
Over the past 20 years, our society has become increasingly dependent on software. Today, we rely on...
Symbolic execution is well known as a dynamic vulnerability discovery technique. Its greatest advant...
Memory corruption is a serious class of software vulnerabilities, which requires careful attention t...
Symbolic execution has the potential to make software more secure by significantly improving automat...
Abstract. In this paper, we study the problem of automatically finding program executions that reac...
Modern software systems require the support of automatic program analyses to answer questions about ...
Symbolic execution is a powerful technique for analyzing program behavior, finding bugs, and generat...
The ramping up use of network connected devices is providing hackers more incentives and opportuniti...
Code obfuscation is a major tool for protecting software intellectual property from attacks such as ...
Quantitative program analysis is an emerging area with applications to software testing and security...