Share This Author
ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection
ContractFuzzer is presented, a novel fuzzer to test Ethereum smart contracts for security vulnerabilities that successfully detects the vulnerability of the DAO contract that leads to $60 million loss and the vulnerabilities of Parity Wallet that have led to the loss of $30 million and the freezing of $150 million worth of Ether.
Adaptive Random Test Case Prioritization
- Bo Jiang, Zhenyu Zhang, W. Chan, T. Tse
- Computer ScienceIEEE/ACM International Conference on Automated…
- 16 November 2009
This paper proposes a new family of Coverage-based ART techniques and shows empirically that they are statistically superior to the RT-based technique in detecting faults and one of the ART prioritization techniques is consistently comparable to some of the best coverage-based prioritizing techniques and yet involves much less time cost.
A Tale of Clouds: Paradigm Comparisons and Some Thoughts on Research Issues
- Lijun Mei, W. Chan, T. Tse
- Computer ScienceIEEE Asia-Pacific Services Computing Conference
- 9 December 2008
This paper compares cloud computing with service computing and pervasive computing based on the classic model of computer architecture, and draws up a series of research questions in cloud computing for future exploration.
Capturing propagation of infected program states
This paper uses edge profiles to represent passed executions and failed executions, and contrasts them to model how each basic block contributes to failures by abstractly propagating infected program states to its adjacent basic blocks through control flow edges.
Partial constraint checking for context consistency in pervasive computing
This article proposes a rigorous approach to identifying the parts of previous checking results that are reusable without entire rechecking and reported that the approach achieved over a fifteenfold performance improvement on context inconsistency detection than conventional approaches.
Taming coincidental correctness: Coverage refinement with context patterns to improve fault localization
- Xinming Wang, S. Cheung, W. Chan, Zhenyu Zhang
- Computer ScienceIEEE 31st International Conference on Software…
- 16 May 2009
This paper refine code coverage of test runs using control- and data-flow patterns prescribed by different fault types so that this extra information can strengthen the correlations between program failures and the coverage of faulty program entities, making it easier for fault localization techniques to locate the faults.
Testing context-aware middleware-centric programs: a data flow approach and an RFID-based experimentation
This paper proposes a novel family of testing criteria to measure the comprehensiveness of their test sets, stems from context-aware data flow information, and studies the evolution of contexts, which are environmental information relevant to an application program.
Data flow testing of service-oriented workflow applications
This paper develops an algorithm to construct XRGs and a novel family of data flow testing criteria to test WS-BPEL applications and proposes a data structure called XPath rewriting graph (XRG), which not only models how an XPath is conceptually rewritten but also tracks individual rewritings progressively.
Testing context-sensitive middleware-based software applications
- T. H. Tse, S. Yau, W. Chan, Heng Lu, T. Chen
- Computer ScienceProceedings of the 28th Annual International…
- 28 September 2004
This work proposes to use isotropic properties of contexts as metamorphic relations for testing context-sensitive software, where distinct points on the same isotropics curve of contexts would entail comparable responses by the components.
Improving the Effectiveness of Testing Pervasive Software via Context Diversity
This case study shows that the strategy that uses test cases with higher context diversity can significantly improve the effectiveness of existing data-flow testing criteria for context-aware pervasive software.