Directed Greybox Fuzzing
TLDR
We introduce Directed Greybox Fuzzing (DGF) which generates inputs with the objective of reaching a given set of target program locations efficiently.
  • 228
  • 31
Coverage-Based Greybox Fuzzing as Markov Chain
TLDR
Coverage-based Greybox Fuzzing (CGF) is a random testing approach that requires no program analysis.
  • 112
  • 24
CoREBench: studying complexity of regression errors
TLDR
We introduce CoREBench, a collection of 70 regression errors systematically extracted from several open-source C-projects and compare their complexity with that of the seeded errors in the two most popular error benchmarks, SIR and SIR.
  • 61
  • 10
Model-based whitebox fuzzing for program binaries
TLDR
We present Model-based Whitebox Fuzzing (MoWF), an automated testing technique for industrial-size program binaries that process structured inputs.
  • 62
  • 4
A Probabilistic Analysis of the Efficiency of Automated Software Testing
TLDR
We study the relative efficiencies of the random and systematic approaches to automated software testing.
  • 39
  • 3
Smart Greybox Fuzzing
TLDR
We introduce smart greybox fuzzing (SGF) which leverages a high-level structural representation of the seed file to generate new files.
  • 42
  • 3
Partition-based regression verification
TLDR
This paper presents Partition-based Regression Verification (PRV): an approach to RV based on the gradual exploration of differential input partitions that enables a gradual and partial form of regression verification.
  • 45
  • 2
A correlation study between automated program repair and test-suite metrics
TLDR
We empirically investigate whether traditional test-suite metrics such as statement/branch coverage and mutation score are effective in controlling the reliability of generated repairs.
  • 21
  • 2
AFLNET: A Greybox Fuzzer for Network Protocols
TLDR
We present AFLNET, the first greybox fuzzer for protocol implementations.
  • 13
  • 2
Detecting information flow by mutating input data
TLDR
We present a lightweight mutation-based flow analysis that systematically mutates dynamic values returned by sensitive sources to assess whether the mutation changes the values passed to sensitive sinks.
  • 21
  • 1