—Fuzz testing has proven successful in finding security vulnerabilities in large programs. However, traditional fuzz testing tools have a well-known common drawback: they are in...
Abstract. Many automatic testing, analysis, and verification techniques for programs can effectively be reduced to a constraint-generation phase followed by a constraint-solving ...
Vijay Ganesh, Adam Kiezun, Shay Artzi, Philip J. G...
This paper presents joint work by the California Institute of Technology’s Jet Propulsion Laboratory and the University of California at Davis (UC Davis) sponsored by the Nation...
Completely handling SQL injection consists of two activities: properly protecting the system from malicious input, and preventing any resultant error messages caused by SQL injecti...
We present an extension of traditional "black box" fuzz testing using a genetic algorithm based upon a Dynamic Markov Model fitness heuristic. This heuristic allows us t...
Sherri Sparks, Shawn Embleton, Ryan Cunningham, Cl...