English
Related papers

Related papers: Evaluating SZZ Implementations Through a Developer…

200 papers

A flurry of fuzzing tools (fuzzers) have been proposed in the literature, aiming at detecting software vulnerabilities effectively and efficiently. To date, it is however still challenging to compare fuzzers due to the inconsistency of the…

Cryptography and Security · Computer Science 2020-10-06 Yuwei Li , Shouling Ji , Yuan Chen , Sizhuang Liang , Wei-Han Lee , Yueyao Chen , Chenyang Lyu , Chunming Wu , Raheem Beyah , Peng Cheng , Kangjie Lu , Ting Wang

Software testing is an essential part of the software development cycle to improve the code quality. Typically, a unit test consists of a test prefix and a test oracle which captures the developer's intended behaviour. A known limitation of…

Software Engineering · Computer Science 2024-10-29 Michael Konstantinou , Renzo Degiovanni , Mike Papadakis

The aim is to identify faulty predicates which have strong effect on program failure. Statistical debugging techniques are amongst best methods for pinpointing defects within the program source code. However, they have some drawbacks. They…

Software Engineering · Computer Science 2016-12-20 Farid Feyzi , Esmaeel Nikravan , Saeed Parsa

Coverage guided fuzzing (CGF) is an effective testing technique which has detected hundreds of thousands of bugs from various software applications. It focuses on maximizing code coverage to reveal more bugs during fuzzing. However, a…

Software Engineering · Computer Science 2022-05-03 Ruixiang Qian , Quanjun Zhang , Chunrong Fang , Lihua Guo

Fuzz testing has been used to find bugs in programs since the 1990s, but despite decades of dedicated research, there is still no consensus on which fuzzing techniques work best. One reason for this is the paucity of ground truth: bugs in…

Cryptography and Security · Computer Science 2022-08-24 Joshua Bundt , Andrew Fasano , Brendan Dolan-Gavitt , William Robertson , Tim Leek

Static analyzers play a critical role in identifying bugs early in the software development lifecycle, but their rule implementations are often under-tested and prone to inconsistencies. To address this, we propose StaAgent, an agentic…

Software Engineering · Computer Science 2025-07-23 Elijah Nnorom , Md Basim Uddin Ahmed , Jiho Shin , Hung Viet Pham , Song Wang

A common paradigm for improving fuzzing performance is to focus on selected regions of a program rather than its entirety. While previous work has largely explored how these locations can be reached, their selection, that is, the where, has…

Smart contracts play a pivotal role in blockchain ecosystems, and fuzzing remains an important approach to securing smart contracts. Even though mutation scheduling is a key factor influencing fuzzing effectiveness, existing fuzzers have…

Software Engineering · Computer Science 2025-07-17 Keke Gai , Haochen Liang , Jing Yu , Liehuang Zhu , Dusit Niyato

Context: Code coverage is widely used as a software quality assurance measure. However, its effect, and specifically the advisable dose, are disputed in both the research and engineering communities. Prior work reports only correlational…

Software Engineering · Computer Science 2026-02-04 Lukas Schulte , Gordon Fraser , Steffen Herbold

Context: Specification mining techniques are typically used to extract the specification of a software in the absence of (up-to-date) specification documents. This is useful for program comprehension, testing, and anomaly detection.…

Software Engineering · Computer Science 2019-05-09 Mohammad Jafar Mashhadi , Taha R. Siddiqui , Hadi Hemmati , Howard Loewen

Software bugs claim approximately 50% of development time and cost the global economy billions of dollars. Once a bug is reported, the assigned developer attempts to identify and understand the source code responsible for the bug and then…

Software Engineering · Computer Science 2025-01-29 Parvez Mahbub , Ohiduzzaman Shuvo , Mohammad Masudur Rahman

Automated unit test generation aims to improve software quality while reducing the time and effort required for creating tests manually. However, existing techniques primarily generate regression oracles that predicate on the implemented…

Software Engineering · Computer Science 2026-01-12 Adam Bodicoat , Gunel Jahangirova , Valerio Terragni

We present a practical framework for detecting errors in LLM-generated SQL by estimating uncertainty at the level of individual nodes in the query's abstract syntax tree (AST). Our approach proceeds in two stages. First, we introduce a…

Machine Learning · Computer Science 2025-11-21 Hilaf Hasson , Ruocheng Guo

Today, most automated test generators, such as search-based software testing (SBST) techniques focus on achieving high code coverage. However, high code coverage is not sufficient to maximise the number of bugs found, especially when given…

Software Engineering · Computer Science 2021-09-28 Anjana Perera , Aldeida Aleti , Marcel Böhme , Burak Turhan

Despite being one of the most basic tasks in software development, debugging is still performed in a mostly manual way, leading to high cost and low performance. To address this problem, researchers have studied promising approaches, such…

Software Engineering · Computer Science 2017-11-28 Higor A. de Souza , Marcos L. Chaim , Fabio Kon

Collaborative fuzzing combines multiple individual fuzzers and dynamically chooses appropriate combinations for different programs. Unlike individual fuzzers that rely on specific assumptions, collaborative fuzzing relaxes assumptions on…

Cryptography and Security · Computer Science 2025-07-23 Wenxuan Shi , Hongwei Li , Jiahao Yu , Xinqian Sun , Wenbo Guo , Xinyu Xing

Internet of Things (IoT) devices offer convenience through web interfaces, web VPNs, and other web-based services, all relying on the HTTP protocol. However, these externally exposed HTTP services resent significant security risks. Although…

Cryptography and Security · Computer Science 2024-11-20 Zhe Yang , Hao Peng , Yanling Jiang , Xingwei Li , Haohua Du , Shuhai Wang , Jianwei Liu

Machine learning-based program analyses have recently shown the promise of integrating formal and probabilistic reasoning towards aiding software development. However, in the absence of large annotated corpora, training these analyses is…

Machine Learning · Computer Science 2021-11-17 Miltiadis Allamanis , Henry Jackson-Flux , Marc Brockschmidt

Fuzzing is a highly effective method for uncovering software vulnerabilities, but analyzing the resulting data typically requires substantial manual effort. This is amplified by the fact that fuzzing campaigns often find a large number of…

Software Engineering · Computer Science 2025-12-02 Patrick Herter , Vincent Ahlrichs , Ridvan Açilan , Julian Horsch

Fault localization has been determined as a major resource factor in the software development life cycle. Academic fault localization techniques are mostly unknown and unused in professional environments. Although manual debugging…

Software Engineering · Computer Science 2021-03-04 Thomas Hirsch
‹ Prev 1 8 9 10 Next ›