English
Related papers

Related papers: Detecting Buggy Contracts via Smart Testing

200 papers

Blockchain has become particularly popular due to its promise to support business-critical services in very different domains (e.g., retail, supply chains, healthcare). Blockchain systems rely on complex middleware, like Ethereum or…

Software Engineering · Computer Science 2020-10-23 Ákos Hajdu , Naghmeh Ivaki , Imre Kocsis , Attila Klenik , László Gönczy , Nuno Laranjeiro , Henrique Madeira , András Pataricza

Deep Learning (DL) libraries such as PyTorch provide the core components to build major AI-enabled applications. Finding bugs in these libraries is important and challenging. Prior approaches have tackled this by performing either API-level…

Software Engineering · Computer Science 2025-09-19 Feiran Qin , M. M. Abid Naziri , Hengyu Ai , Saikat Dutta , Marcelo d'Amorim

Fuzzing has become one of the most effective bug finding approach for software. In recent years, 24*7 continuous fuzzing platforms have emerged to test critical pieces of software, e.g., Linux kernel. Though capable of discovering many bugs…

Cryptography and Security · Computer Science 2021-11-12 Xiaochen Zou , Guoren Li , Weiteng Chen , Hang Zhang , Zhiyun Qian

Decentralized Finance (DeFi) is emerging as a peer-to-peer financial ecosystem, enabling participants to trade products on a permissionless blockchain. Built on blockchain and smart contracts, the DeFi ecosystem has experienced explosive…

Cryptography and Security · Computer Science 2023-09-07 Peng Qian , Rui Cao , Zhenguang Liu , Wenqing Li , Ming Li , Lun Zhang , Yufeng Xu , Jianhai Chen , Qinming He

Smart contracts are autonomous and immutable pieces of code that are deployed on blockchain networks and run by miners. They were first introduced by Ethereum in 2014 and have since been used for various applications such as security…

Software Engineering · Computer Science 2024-07-08 Mahdi Fooladgar , Fathiyeh Faghih

Smart contracts play a pivotal role in blockchain ecosystems, and fuzzing remains an important approach to securing smart contracts. Even though mutation scheduling is a key factor influencing fuzzing effectiveness, existing fuzzers have…

Software Engineering · Computer Science 2025-07-17 Keke Gai , Haochen Liang , Jing Yu , Liehuang Zhu , Dusit Niyato

In the evolving landscape of integrated circuit (IC) design, the increasing complexity of modern processors and intellectual property (IP) cores has introduced new challenges in ensuring design correctness and security. The recent…

Cryptography and Security · Computer Science 2025-11-07 Raghul Saravanan , Sudipta Paria , Aritra Dasgupta , Venkat Nitin Patnala , Swarup Bhunia , Sai Manoj P D

Smart contracts are programs running on a blockchain. They are immutable to change, and hence can not be patched for bugs once deployed. Thus it is critical to ensure they are bug-free and well-designed before deployment. A Contract defect…

Software Engineering · Computer Science 2020-04-20 Jiachi Chen , Xin Xia , David Lo , John Grundy , Daniel Xiapu Luo , Ting Chen

Fuzzing is a widely used technique for detecting software bugs and vulnerabilities. Most popular fuzzers generate new inputs using an evolutionary search to maximize code coverage. Essentially, these fuzzers start with a set of seed inputs,…

Software Engineering · Computer Science 2020-09-14 Dongdong She , Rahul Krishna , Lu Yan , Suman Jana , Baishakhi Ray

We present a coverage-guided testing algorithm for distributed systems implementations. Our main innovation is the use of an abstract formal model of the system that is used to define coverage. Such abstract models are frequently developed…

Software Engineering · Computer Science 2025-09-03 Ege Berkay Gulcan , Burcu Kulahcioglu Ozkan , Rupak Majumdar , Srinidhi Nagendra

Smart contracts are programs that execute transactions involving independent parties and cryptocurrencies. As programs, smart contracts are susceptible to a wide range of errors and vulnerabilities. Such vulnerabilities can result in…

Cryptography and Security · Computer Science 2023-07-03 Sundas Munir , Walid Taha

Fuzzing is a popular vulnerability automated testing method utilized by professionals and broader community alike. However, despite its abilities, fuzzing is a time-consuming, computationally expensive process. This is problematic for the…

Software Engineering · Computer Science 2023-07-25 Michael Wang , Michael Robinson

In recent years, smart contracts have suffered major exploits, costing millions of dollars. Unlike traditional programs, smart contracts are deployed on a blockchain. As such, they cannot be modified once deployed. Though various tools have…

Cryptography and Security · Computer Science 2020-03-16 Christof Ferreira Torres , Mathis Baden , Robert Norvill , Beltran Borja Fiz Pontiveros , Hugo Jonker , Sjouke Mauw

As researchers, we already understand how to make testing more effective and efficient at finding bugs. However, as fuzzing (i.e., automated testing) becomes more widely adopted in practice, practitioners are asking: Which assurances does a…

Software Engineering · Computer Science 2018-12-18 Marcel Böhme

Patching severe security flaws in complex software remains a major challenge. While automated tools like fuzzers efficiently discover bugs, fixing deep-rooted low-level faults (e.g., use-after-free and memory corruption) still requires…

Software Engineering · Computer Science 2026-04-07 Maolin Sun , Yibiao Yang , Xuanlin Liu , Yuming Zhou , Baowen Xu

As mobile application (app) functionalities grow increasingly complex and their iterations accelerate, ensuring high reliability presents significant challenges. While functionality-oriented GUI testing has attracted growing research…

Software Engineering · Computer Science 2026-02-16 Jinlong He , Changwei Xia , Binru Huang , Jiwei Yan , Jun Yan , Jian Zhang

This paper presents VulnSense framework, a comprehensive approach to efficiently detect vulnerabilities in Ethereum smart contracts using a multimodal learning approach on graph-based and natural language processing (NLP) models. Our…

Cryptography and Security · Computer Science 2023-09-18 Phan The Duy , Nghi Hoang Khoa , Nguyen Huu Quyen , Le Cong Trinh , Vu Trung Kien , Trinh Minh Hoang , Van-Hau Pham

Library fuzzing is essential for hardening the software supply chain, but adopting it at scale remains expensive. Practitioners still spend substantial effort on environment setup, struggle to generate harnesses that respect intricate API…

Software Engineering · Computer Science 2026-05-15 Yunlong Lyu , Peng Chen , Fengyi Wu , Junzhe Yu , Kit Long Hon , Hao Chen

Static analysis plays a crucial role in software vulnerability detection, yet faces a persistent precision-scalability tradeoff. In large codebases like the Linux kernel, traditional static analysis tools often generate excessive false…

Software Engineering · Computer Science 2025-06-03 Haonan Li , Hang Zhang , Kexin Pei , Zhiyun Qian

Fuzzing has proven to be a fundamental technique to automated software testing but also a costly one. With the increased adoption of CI/CD practices in software development, a natural question to ask is `What are the best ways to integrate…

Software Engineering · Computer Science 2022-06-08 Thijs Klooster , Fatih Turkmen , Gerben Broenink , Ruben ten Hove , Marcel Böhme