, Enhancing symbolic execution with VeriTesting, Proceedings of the 36th International Conference on Software Engineering, ICSE '14, 2014.
DOI : 10.1145/2568225.2568293
, Statically-directed dynamic automated test generation, ISSTA. ACM, 2011.
, WYSINWYX, ACM Transactions on Programming Languages and Systems, vol.32, issue.6, 2010.
DOI : 10.1145/1749608.1749612
, Binary-Level Testing of Embedded Programs, 2013 13th International Conference on Quality Software, 2013.
DOI : 10.1109/QSIC.2013.49
, An All-in-One Toolkit for Automated White-Box Testing, Tests and Proofs -8th International Conference, 2014.
DOI : 10.1007/978-3-319-09099-3_4
, Sound and Quasi-Complete Detection of Infeasible Test Requirements, 2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST), 2015.
DOI : 10.1109/ICST.2015.7102607
, Osmose: Automatic structural testing of executables. Software Testing, Verification Reliability, 2011.
, The BINCOA Framework for Binary Code Analysis, Computer Aided Verification -23rd International Conference, CAV 2011, 2011.
DOI : 10.1007/978-3-642-14295-6_27
URL : https://hal.archives-ouvertes.fr/hal-01006499
, Refinement-Based CFG Reconstruction from Unstructured Programs, Verification, Model Checking, and Abstract Interpretation -12th International Conference, VMCAI 2011, 2011.
DOI : 10.1007/978-3-642-14295-6_27
, A few billion lines of code later, Communications of the ACM, vol.53, issue.2, p.2010
DOI : 10.1145/1646353.1646374
, Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications, 2008 IEEE Symposium on Security and Privacy (sp 2008), 2008.
DOI : 10.1109/SP.2008.17
URL : http://www.cs.cmu.edu/~dbrumley/pubs/apeg.pdf
, Boolector: An Efficient SMT Solver for Bit-Vectors and Arrays, TACAS, 2009.
DOI : 10.1007/978-3-540-78800-3_24
URL : http://fmv.jku.at/papers/BrummayerBiere-TACAS09.pdf
, Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities, Proceedings of the 2012 International Symposium on Software Testing and Analysis, ISSTA 2012, 2012.
DOI : 10.1145/2338965.2336769
, Unassisted and automatic generation of high-coverage tests for complex systems programs, Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation, OSDI'08. USENIX Association, 2008.
, Exe: Automatically generating inputs of death, Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS '06, 2006.
, Symbolic execution for software testing, Communications of the ACM, vol.56, issue.2, p.2013
DOI : 10.1145/2408776.2408795
, Bugalyze.com -detecting bugs using decompilation and data flow analysis, BlackHatUSA, 2013.
, Unleashing Mayhem on Binary Code, 2012 IEEE Symposium on Security and Privacy, 2012.
DOI : 10.1109/SP.2012.31
URL : http://doi.org/10.1109/sp.2012.31
, Unleashing Mayhem on Binary Code, 2012 IEEE Symposium on Security and Privacy, 2012.
DOI : 10.1109/SP.2012.31
URL : http://doi.org/10.1109/sp.2012.31
, Behind the scenes in SANTE: a combination of static and dynamic analyses, Automated Software Engineering, vol.25, issue.7, p.2014
DOI : 10.1145/1146238.1146255
URL : https://hal.archives-ouvertes.fr/hal-00818147
, The S2E Platform, ACM Transactions on Computer Systems, vol.30, issue.1
DOI : 10.1145/2110356.2110358
, Verifying systems rules using rule-directed symbolic execution, Architectural Support for Programming Languages and Operating Systems, ASPLOS, 2013.
DOI : 10.1145/2451116.2451152
, Cyber grand challenge
, Specification of concretization and symbolization policies in symbolic execution, Proceedings of the 25th International Symposium on Software Testing and Analysis, ISSTA 2016, 2016.
DOI : 10.1109/ASE.2004.1342749
URL : https://hal.archives-ouvertes.fr/hal-01721492
, BINSEC/SE: A Dynamic Symbolic Execution Toolkit for Binary-Level Analysis, 2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER), 2016.
DOI : 10.1109/SANER.2016.43
URL : https://hal.archives-ouvertes.fr/hal-01721502
, BINSEC: Binary Code Analysis with Low-Level Regions, TACAS 2015, 2015.
DOI : 10.1007/978-3-662-46681-0_17
, Reil: A platform-independent intermediate representation of disassembled code for static code analysis. CanSecWest, 2009.
, A Comparative Study of Industrial Static Analysis Tools, Electronic Notes in Theoretical Computer Science, vol.217, 2008.
DOI : 10.1016/j.entcs.2008.06.039
, Statically detecting use after free on binary code, Journal of Computer Virology and Hacking Techniques, vol.89, issue.3, p.2014
DOI : 10.1016/S1571-0661(04)81042-9
, Guided Dynamic Symbolic Execution Using Subgraph Control-Flow Information, Proceedings of SEFM, 2016.
DOI : 10.1109/ICSE.2015.80
, Higher-order test generation, Proceedings of the 32nd ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2011, 2011.
DOI : 10.1145/1993498.1993529
URL : http://research.microsoft.com/en-us/um/people/pg/public_psfiles/pldi2011.pdf
, Dart: Directed automated random testing, SIGPLAN Not, vol.40, issue.6, 2005.
, Automated whitebox fuzz testing, Proceedings of the Network and Distributed System Security Symposium, NDSS 2008, 2008.
, SAGE, Communications of the ACM, vol.55, issue.3, p.2012
DOI : 10.1145/2093548.2093564
, Pointsto: Static use-after-free detector for c/c++. https://blog.trailofbits.com/2016/03/09/the- problem-with-dynamic-program-analysis
, Dowsing for overflows: A guided fuzzer to find buffer boundary violations, Proceedings of the 22Nd USENIX Conference on Security, SEC'13. USENIX Association, 2013.
, Hex-rays decompiler
, Undecidability of static analysis, ACM Letters on Programming Languages and Systems, vol.1, issue.4, 1992.
DOI : 10.1145/161494.161501
, Preventing Use-after-free with Dangling Pointers Nullification, Proceedings 2015 Network and Distributed System Security Symposium, 2015.
DOI : 10.14722/ndss.2015.23238
, Dynamically validating static memory leak warnings, Proceedings of the 2013 International Symposium on Software Testing and Analysis, ISSTA 2013, 2013.
DOI : 10.1145/2483760.2483778
URL : http://www.ics.uci.edu/~guoqingx/papers/li-issta13.pdf
, Hybrid Concolic Testing, 29th International Conference on Software Engineering (ICSE'07), 2007.
DOI : 10.1109/ICSE.2007.41
, Softbound: highly compatible and complete spatial memory safety for c, PLDI, pp.245-258, 2009.
, CETS, Proceedings of the 2010 international symposium on Memory management, ISMM '10, 2010.
DOI : 10.1145/1806651.1806657
, Valgrind: A framework for heavyweight dynamic binary instrumentation. SIGPLAN Not, 2007.
, Cute: A concolic unit testing engine for C. SIGSOFT Softw, Eng. Notes, issue.5, p.30, 2005.
, Addresssanitizer: A fast address sanity checker, Proceedings of the 2012 USENIX Conference on Annual Technical Conference, USENIX ATC'12. USENIX Association, 2012.
, Driller: Augmenting Fuzzing Through Selective Symbolic Execution, Proceedings 2016 Network and Distributed System Security Symposium, 2016.
DOI : 10.14722/ndss.2016.23368
URL : https://doi.org/10.14722/ndss.2016.23368
, Fuzzing: Brute Force Vulnerability Discovery, 2007.
, On-the-fly generation of K-path tests for C functions, Proceedings. 19th International Conference on Automated Software Engineering, 2004., 2004.
DOI : 10.1109/ASE.2004.1342749
, Fitness-guided path exploration in dynamic symbolic execution, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks, 2009.
DOI : 10.1109/DSN.2009.5270315
, Execution synthesis, Proceedings of the 5th European conference on Computer systems, EuroSys '10, 2010.
DOI : 10.1145/1755913.1755946
, Regular Property Guided Dynamic Symbolic Execution, 2015 IEEE/ACM 37th IEEE International Conference on Software Engineering, 2015.
DOI : 10.1109/ICSE.2015.80