SCOPUS 정보 검색 플랫폼

Proceedings - International Conference on Software Engineering

Volumn , Issue , 2009, Pages 474-484

Taint-based directed whitebox fuzzing

(3) Ganesh, Vijay a Leek, Tim b Rinard, Martin a

a MASSACHUSETTS INSTITUTE OF TECHNOLOGY (United States)

b MIT LINCOLN LABORATORY (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INPUT FILES; LARGE PROGRAMS; OPEN-SOURCE; PROGRAM ATTACKS; SYNTACTIC STRUCTURE; TEST FILES; TEST INPUTS; TESTING PROGRAMS; WHITE BOX;

COMPUTER SOFTWARE; ERRORS; SYNTACTICS; TESTING;

SEED;

EID: 77949898398 PISSN: 02705257 EISSN: None Source Type: Conference Proceeding
DOI: 10.1109/ICSE.2009.5070546 Document Type: Conference Paper

Times cited : (316)

References (24)

1
- 77949906542
- Adobe macromedia shockwave flash file format. http://en.wikipedia.org/ wiki/Adobe-Flash.
- Adobe macromedia shockwave flash file format

2
- 77949877700
- Gnome and freedesktop enviroments. http: //en.wikipedia.org/wiki/ Freedesktop.org.
- Gnome and freedesktop

3
- 77949879845
- Wikipedia entry on fuzzing
- Wikipedia entry on fuzzing. http://en.wikipedia.org/wiki/Fuzz-testing.

4
- 77949908403
- T. Andersson. Mupdf: A pdf viewer. http://ccxvii.net/fitz/.
- Mupdf: A pdf viewer
- Andersson, T.¹

5
- 47249130414
- Rwset: Attacking path explosion in constraint-based test generation
- P. Boonstoppel, C. Cadar, and D. R. Engler. Rwset: Attacking path explosion in constraint-based test generation. In TACAS, pages 351-366, 2008.
- (2008) TACAS , pp. 351-366
- Boonstoppel, P.¹ Cadar, C.² Engler, D.R.³

6
- 77952403312
- Polyglot: Automatic extraction of protocol message format using dynamic binary analysis
- New York, NY, USA, ACM
- J. Caballero, H. Yin, Z. Liang, and D. Song. Polyglot: automatic extraction of protocol message format using dynamic binary analysis. In CCS '07: Proceedings of the 14th ACM conference on Computer and communications security, pages 317-329, New York, NY, USA, 2007. ACM.
- (2007) CCS '07: Proceedings of the 14th ACM conference on Computer and communications security , pp. 317-329
- Caballero, J.¹ Yin, H.² Liang, Z.³ Song, D.⁴

7
- 34547241782
- EXE: Automatically generating inputs of death
- October-November
- C. Cadar, V. Ganesh, P. Pawlowski, D. Dill, and D. Engler. EXE: Automatically generating inputs of death. In Proceedings of the 13th ACM Conference on Computer and Communications Security, October-November 2006.
- (2006) Proceedings of the 13th ACM Conference on Computer and Communications Security
- Cadar, C.¹ Ganesh, V.² Pawlowski, P.³ Dill, D.⁴ Engler, D.⁵

8
- 58149182029
- J. DeMott. The evolving art of fuzzing. http://www.vdalabs.com/tools/The- Evolving-Art-of-Fuzzing.pdf, 2006.
- (2006) The evolving art of fuzzing
- DeMott, J.¹

9
- 67650067282
- Grammar-based whitebox fuzzing
- P. Godefroid, A. Kiezun, and M. Y. Levin. Grammar-based whitebox fuzzing. In PLDI, pages 206-215, 2008.
- (2008) PLDI , pp. 206-215
- Godefroid, P.¹ Kiezun, A.² Levin, M.Y.³

10
- 31844450371
- Dart: Directed automated random testing
- New York, NY, USA, ACM
- P. Godefroid, N. Klarlund, and K. Sen. Dart: directed automated random testing. In PLDI '05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation, pages 213-223, New York, NY, USA, 2005. ACM.
- (2005) PLDI '05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation , pp. 213-223
- Godefroid, P.¹ Klarlund, N.² Sen, K.³

11
- 76649118933
- Automated whitebox fuzz testing
- P. Godefroid, M. Y. Levin, and D. Molnar. Automated whitebox fuzz testing. In Network and Distributed Systems Security Symposium, 2008.
- (2008) Network and Distributed Systems Security Symposium
- Godefroid, P.¹ Levin, M.Y.² Molnar, D.³

12
- 33847125360
- A functional method for assessing protocol implementation security
- Technical Report 448, VTT Electronics, 2001
- R. Kaksonen. A functional method for assessing protocol implementation security. Technical Report 448, VTT Electronics, 2001.
- Kaksonen, R.¹

13
- 85077733517
- High coverage detection of input-related security facults
- Berkeley, CA, USA, USENIX Association
- E. Larson and T. Austin. High coverage detection of input-related security facults. In SSYM'03: Proceedings of the 12th conference on USENIX Security Symposium, pages 9-9, Berkeley, CA, USA, 2003. USENIX Association.
- (2003) SSYM'03: Proceedings of the 12th conference on USENIX Security Symposium , pp. 9-9
- Larson, E.¹ Austin, T.²

14
- 52649153312
- Coverage maximization using dynamic taint tracing
- Technical Report TR-1112, MIT Lincoln Laboratory
- T. Leek, G. Baker, R. Brown, M. Zhivich, and R. Lippmann. Coverage maximization using dynamic taint tracing. Technical Report TR-1112, MIT Lincoln Laboratory, 2007.
- (2007)
- Leek, T.¹ Baker, G.² Brown, R.³ Zhivich, M.⁴ Lippmann, R.⁵

15
- 77950472916
- Deriving input syntactic structure from execution
- Atlanta, GA, USA, November
- Z. Lin and X. Zhang. Deriving input syntactic structure from execution. In Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE'08), Atlanta, GA, USA, November 2008.
- (2008) Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE'08)
- Lin, Z.¹ Zhang, X.²

16
- 77949885732
- B. Miller. Fuzzing website. http://pages.cs.wisc.edu/~bart/fuzz/fuzz. html, 2008.
- (2008) Fuzzing website
- Miller, B.¹

17
- 0025557712
- An empirical study of the reliability of unix utilities
- B. P. Miller, L. Fredriksen, and B. So. An empirical study of the reliability of unix utilities. Commun. ACM, 33(12):32-44, 1990.
- (1990) Commun. ACM , vol.33 , Issue.12 , pp. 32-44
- Miller, B.P.¹ Fredriksen, L.² So, B.³

18
- 77949876745
- D. Molnar and D. Wagner. Catchconv: Symbolic execution and run-time type inference for integer conversion errors. Technical Report UCB/EECS-2007-23, University of California, Berkeley, CA, Feb 2007.
- D. Molnar and D. Wagner. Catchconv: Symbolic execution and run-time type inference for integer conversion errors. Technical Report UCB/EECS-2007-23, University of California, Berkeley, CA, Feb 2007.

19
- 27544444280
- Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on comnodity software
- J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on comnodity software. In NDSS, 2005.
- (2005) NDSS
- Newsome, J.¹ Song, D.²

20
- 84871349041
- Automatically hardening web applications using precise tainting
- A. Nguyen-Tuong, S. Guarnieri, D. Greene, J. Shirley, and D. Evans. Automatically hardening web applications using precise tainting. In IFIP Security, 2005.
- (2005) IFIP Security
- Nguyen-Tuong, A.¹ Guarnieri, S.² Greene, D.³ Shirley, J.⁴ Evans, D.⁵

21
- 77949880700
- B. Otte and D. Schleef. Swfdec: A flash animation player. http://swfdec.freedesktop.org/wiki/.
- Swfdec: A flash animation player
- Otte, B.¹ Schleef, D.²

22
- 32344447459
- Cute: A concolic unit testing engine for c
- K. Sen, D. Marinov, and G. Agha. Cute: a concolic unit testing engine for c. SIGSOFT Softw. Eng. Notes, 30(5):263-272, 2005.
- (2005) SIGSOFT Softw. Eng. Notes , vol.30 , Issue.5 , pp. 263-272
- Sen, K.¹ Marinov, D.² Agha, G.³

23
- 44149112234
- Addison-Wesley Professional, 1 edition, July
- M. Sutton, A. Greene, and P. Amini. Fuzzing: Brute Force Vulnerability Discovery. Addison-Wesley Professional, 1 edition, July 2007.
- (2007) Fuzzing: Brute Force Vulnerability Discovery
- Sutton, M.¹ Greene, A.² Amini, P.³

24
- 56549114981
- Automatic network protocol analysis
- G.Wondracek, P. M. Comparetti, C. Kruegel, and E. Kirda. Automatic network protocol analysis. In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS08, 2008.
- (2008) Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS08
- Wondracek, G.¹ Comparetti, P.M.² Kruegel, C.³ Kirda, E.⁴

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.