English
Related papers

Related papers: FuSeBMC: A White-Box Fuzzer for Finding Security V…

200 papers

We present Harvey, an industrial greybox fuzzer for smart contracts, which are programs managing accounts on a blockchain. Greybox fuzzing is a lightweight test-generation approach that effectively detects bugs and security vulnerabilities.…

Software Engineering · Computer Science 2019-05-17 Valentin Wüstholz , Maria Christakis

Emulation-based fuzzers enable testing binaries without source code, and facilitate testing embedded applications where automated execution on the target hardware architecture is difficult and slow. The instrumentation techniques added to…

Cryptography and Security · Computer Science 2023-06-22 Michael Chesser , Surya Nepal , Damith C. Ranasinghe

The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for…

Cryptography and Security · Computer Science 2025-10-09 Zhiyuan Wei , Xiaoxuan Yang , Jing Sun , Zijian Zhang

Smart contracts, the cornerstone of decentralized applications, have become increasingly prominent in revolutionizing the digital landscape. However, vulnerabilities in smart contracts pose great risks to user assets and undermine overall…

Software Engineering · Computer Science 2024-08-20 Ruichao Liang , Jing Chen , Cong Wu , Kun He , Yueming Wu , Ruochen Cao , Ruiying Du , Yang Liu , Ziming Zhao

As the complexity of modern processors has increased over the years, developing effective verification strategies to identify bugs prior to manufacturing has become critical. Undiscovered micro-architectural bugs in processors can manifest…

Fuzzing is widely used for detecting bugs and vulnerabilities, with various techniques proposed to enhance its effectiveness. To combine the advantages of multiple technologies, researchers proposed ensemble fuzzing, which integrates…

Software Engineering · Computer Science 2025-07-31 Yukai Zhao , Shaohua Wang , Jue Wang , Xing Hu , Xin Xia

This paper introduces a tool for verifying Python programs, which, using type annotation and front-end processing, can harness the capabilities of a bounded model-checking (BMC) pipeline. It transforms an input program into an abstract…

Software Engineering · Computer Science 2024-07-08 Bruno Farias , Rafael Menezes , Eddie B. de Lima Filho , Youcheng Sun , Lucas C. Cordeiro

Hardware-level memory vulnerabilities severely threaten computing systems. However, hardware patching is inefficient or difficult postfabrication. We investigate the effectiveness of hardware fuzzing in detecting hardware memory…

Cryptography and Security · Computer Science 2024-10-31 Mohamadreza Rostami , Chen Chen , Rahul Kande , Huimin Li , Jeyavijayan Rajendran , Ahmad-Reza Sadeghi

Processor designs rely on iterative modifications and reuse well-established designs. However, this reuse of prior designs also leads to similar vulnerabilities across multiple processors. As processors grow increasingly complex with…

Cryptography and Security · Computer Science 2025-12-09 Chen Chen , Zaiyan Xu , Mohamadreza Rostami , David Liu , Dileep Kalathil , Ahmad-Reza Sadeghi , Jeyavijayan Rajendran

As researchers, we already understand how to make testing more effective and efficient at finding bugs. However, as fuzzing (i.e., automated testing) becomes more widely adopted in practice, practitioners are asking: Which assurances does a…

Software Engineering · Computer Science 2018-12-18 Marcel Böhme

Greybox fuzzing has made impressive progress in recent years, evolving from heuristics-based random mutation to approaches for solving individual path constraints. However, they have difficulty solving path constraints that involve deeply…

Cryptography and Security · Computer Science 2019-10-10 Peng Chen , Jianzhong Liu , Hao Chen

Cryptographic protocols form the backbone of modern security systems, yet vulnerabilities persist within their implementations. Traditional testing techniques, including fuzzing, have struggled to effectively identify vulnerabilities in…

Cryptography and Security · Computer Science 2024-09-20 S Mahmudul Hasan , Polina Kozyreva , Endadul Hoque

Grey box fuzzing is one of the most successful methods for automatic vulnerability detection. However,conventional Grey box Fuzzers like AFL can open perform fuzzing against the whole input and spend more time on smaller seeds with lower…

Cryptography and Security · Computer Science 2022-03-31 Linlin Zhang , Ning Luo

Fuzz testing has become a cornerstone technique for identifying software bugs and security vulnerabilities, with broad adoption in both industry and open-source communities. Directly fuzzing a function requires fuzz drivers, which translate…

Software Engineering · Computer Science 2025-10-03 Paschal C. Amusuo , Dongge Liu , Ricardo Andres Calvo Mendez , Jonathan Metzman , Oliver Chang , James C. Davis

Fuzz testing has enjoyed great success at discovering security critical bugs in real software. Recently, researchers have devoted significant effort to devising new fuzzing techniques, strategies, and algorithms. Such new ideas are…

Cryptography and Security · Computer Science 2018-10-22 George Klees , Andrew Ruef , Benji Cooper , Shiyi Wei , Michael Hicks

Quantum utility has been severely limited in superconducting quantum hardware until now by the modest number of qubits and the relatively high level of control and readout errors, due to the intentional coupling with the external…

Although Rust ensures memory safety by default, it also permits the use of unsafe code, which can introduce memory safety vulnerabilities if misused. Unfortunately, existing tools for detecting memory bugs in Rust typically exhibit limited…

Cryptography and Security · Computer Science 2025-10-28 Georgios Androutsopoulos , Antonio Bianchi

Modern processors are equipped with single instruction multiple data (SIMD) instructions for fine-grained data parallelism. Compiler auto-vectorization techniques that target SIMD instructions face performance limitations due to…

Cryptography and Security · Computer Science 2025-07-08 Yibo He , Cunjian Huang , Xianmiao Qu , Hongdeng Chen , Wei Yang , Tao Xie

This paper introduces an innovative approach that combines Large Language Models (LLMs) with Formal Verification strategies for automatic software vulnerability repair. Initially, we employ Bounded Model Checking (BMC) to identify…

Software Engineering · Computer Science 2024-07-01 Norbert Tihanyi , Ridhi Jain , Yiannis Charalambous , Mohamed Amine Ferrag , Youcheng Sun , Lucas C. Cordeiro

The increasing complexity of modern processor and IP designs presents significant challenges in identifying and mitigating hardware flaws early in the IC design cycle. Traditional hardware fuzzing techniques, inspired by software testing,…

Cryptography and Security · Computer Science 2025-01-03 Raghul Saravanan , Sreenitha Kasarapu , Sai Manoj Pudukotai Dinakarrao