English
Related papers

Related papers: Detecting Buggy Contracts via Smart Testing

200 papers

Fuzzing is one of the prevailing methods for vulnerability detection. However, even state-of-the-art fuzzing methods become ineffective after some period of time, i.e., the coverage hardly improves as existing methods are ineffective to…

Cryptography and Security · Computer Science 2021-12-15 Shunkai Zhu , Jingyi Wang , Jun Sun , Jie Yang , Xingwei Lin , Liyi Zhang , Peng Cheng

Poorly designed smart contracts are particularly vulnerable, as they may allow attackers to exploit weaknesses and steal the virtual currency they manage. In this study, we train a model using unsupervised learning to identify…

Cryptography and Security · Computer Science 2025-04-15 Hong-Sheng Huang , Jen-Yi Ho , Hao-Wen Chen , Hung-Min Sun

With blockchain technology rapidly progress, the smart contracts have become a common tool in a number of industries including finance, healthcare, insurance and gaming. The number of smart contracts has multiplied, and at the same time,…

Cryptography and Security · Computer Science 2023-04-27 Mohammad Khodadadi , Jafar Tahmoresnezhad

Fuzz testing has been used to find bugs in programs since the 1990s, but despite decades of dedicated research, there is still no consensus on which fuzzing techniques work best. One reason for this is the paucity of ground truth: bugs in…

Cryptography and Security · Computer Science 2022-08-24 Joshua Bundt , Andrew Fasano , Brendan Dolan-Gavitt , William Robertson , Tim Leek

Firmware serves as the critical interface between hardware and software in computing systems, making any bugs or vulnerabilities particularly dangerous as they can cause catastrophic system failures. While fuzzing is a promising approach…

Cryptography and Security · Computer Science 2026-02-03 Dakshina Tharindu , Aruna Jayasena , Prabhat Mishra

Solana has quickly emerged as a popular platform for building decentralized applications (DApps), such as marketplaces for non-fungible tokens (NFTs). A key reason for its success are Solana's low transaction fees and high performance,…

Cryptography and Security · Computer Science 2024-12-17 Sven Smolka , Jens-Rene Giesen , Pascal Winkler , Oussama Draissi , Lucas Davi , Ghassan Karame , Klaus Pohl

Smart contracts are programs that are executed on a blockhain. They have been used for applications in voting, decentralized finance, and supply chain management. However, vulnerabilities in smart contracts have been abused by hackers,…

Programming Languages · Computer Science 2021-10-19 Timothy Mou , Michael Coblenz , Jonathan Aldrich

Modern blockchain systems support creation of smart contracts -- stateful programs hosted and executed on a blockchain. Smart contracts hold and transfer significant amounts of digital currency which makes them an attractive target for…

Software Engineering · Computer Science 2019-06-10 Dmitrii Suvorov , Vladimir Ulyantsev

This paper presents a novel fuzzing framework, called MicroFuzz, specifically designed for Microservices. Mocking-Assisted Seed Execution, Distributed Tracing, Seed Refresh and Pipeline Parallelism approaches are adopted to address the…

Software Engineering · Computer Science 2024-02-06 Peng Di , Bingchang Liu , Yiyi Gao

Smart contracts, integral to blockchain ecosystems, enable decentralized applications to execute predefined operations without intermediaries. Their ability to enforce trustless interactions has made them a core component of platforms such…

Cryptography and Security · Computer Science 2025-06-10 Mesut Ozdag

Smart contracts are self-executing programs on blockchain platforms like Ethereum, which have revolutionized decentralized finance by enabling trustless transactions and the operation of decentralized applications. Despite their potential,…

Software Engineering · Computer Science 2026-03-25 Gerardo Iuliano , Dario Di Nucci

While AI-coding assistants accelerate software development, current testing frameworks struggle to keep pace with the resulting volume of AI-generated code. Traditional fuzzing techniques often allocate resources uniformly and lack semantic…

Software Engineering · Computer Science 2026-02-13 Ziyi Yang , Kalit Inani , Keshav Kabra , Vima Gupta , Anand Padmanabha Iyer

Cyber-physical systems (CPSs) in critical infrastructure face a pervasive threat from attackers, motivating research into a variety of countermeasures for securing them. Assessing the effectiveness of these countermeasures is challenging,…

Software Engineering · Computer Science 2020-07-17 Yuqi Chen , Bohan Xuan , Christopher M. Poskitt , Jun Sun , Fan Zhang

Fuzzing has become a popular technique for automatically detecting vulnerabilities and bugs by generating unexpected inputs. In recent years, the fuzzing process has been integrated into continuous integration workflows (i.e., continuous…

Software Engineering · Computer Science 2026-02-06 Tatsuya Shirai , Olivier Nourry , Yutaro Kashiwa , Kenji Fujiwara , Hajimu Iida

Patch fuzzing is a technique aimed at identifying vulnerabilities that arise from newly patched code. While researchers have made efforts to apply patch fuzzing to testing JavaScript engines with considerable success, these efforts have…

Cryptography and Security · Computer Science 2025-05-02 Junjie Wang , Yuhan Ma , Xiaofei Xie , Xiaoning Du , Xiangwei Zhang

Smart contracts are immutable, verifiable, and autonomous pieces of code that can be deployed and ran on blockchain networks like Ethereum. Due to the immutability nature of blockchain, no change is possible on a deployed smart contract or…

Software Engineering · Computer Science 2019-12-25 Erfan Andesta , Fathiyeh Faghih , Mahdi Fooladgar

Automatic test generation typically aims to generate inputs that explore new paths in the program under test in order to find bugs. Existing work has, therefore, focused on guiding the exploration toward program parts that are more likely…

Software Engineering · Computer Science 2019-05-20 Valentin Wüstholz , Maria Christakis

Coverage guided fuzzing (CGF) is an effective testing technique which has detected hundreds of thousands of bugs from various software applications. It focuses on maximizing code coverage to reveal more bugs during fuzzing. However, a…

Software Engineering · Computer Science 2022-05-03 Ruixiang Qian , Quanjun Zhang , Chunrong Fang , Lihua Guo

Smart contracts are prone to various vulnerabilities, leading to substantial financial losses over time. Current analysis tools mainly target vulnerabilities with fixed control or data-flow patterns, such as re-entrancy and integer…

Cryptography and Security · Computer Science 2024-05-07 Yuqiang Sun , Daoyuan Wu , Yue Xue , Han Liu , Haijun Wang , Zhengzi Xu , Xiaofei Xie , Yang Liu

The purpose of continuous fuzzing platforms is to enable fuzzing for software projects via \emph{fuzz harnesses} -- but as the projects continue to evolve, are these harnesses updated in lockstep, or do they run out of date? If these…

Software Engineering · Computer Science 2025-05-12 Philipp Görz , Joschua Schilling , Thorsten Holz , Marcel Böhme
‹ Prev 1 3 4 5 6 7 10 Next ›