Fuzzing is an effective and widely used technique for finding security bugs and
vulnerabilities in software. It inputs irregular test data into a target program to try to trigger a …

System emulation and firmware re-hosting have become popular techniques to answer
various security and performance related questions, such as determining whether a …

Among the many software testing techniques available today, fuzzing has remained highly
popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of …

Finding and exploiting vulnerabilities in binary code is a challenging task. The lack of high-
level, semantically rich information about data structures and control constructs makes the …

Memory corruption vulnerabilities are an everpresent risk in software, which attackers can
exploit to obtain unauthorized access to confidential information. As products with access to …

When it comes to software analysis, several approaches exist from heuristic techniques to
formal methods, which are helpful at solving different kinds ofproblems. Unfortunately very …

In spite of their effectiveness in the context of vulnerability discovery, current state-of-the-art
binary program analysis approaches are limited by inherent trade-offs between accuracy …

Authors' addresses: Valentin JM Manès, KAIST CSRC, 291 Daehak-ro, Yuseong-gu,
Daejeon, 34141, Korea, valentin. manes@ kaist. ac. kr; HyungSeok Han, KAIST, 291 …

Security analysis often requires understanding both the control and data-flow structure of a
binary. We introduce a new program representation, a hybrid information-and control-flow …

Fuzz testing consists of automatically generating and sending malicious inputs to an
application in order to hopefully trigger a vulnerability. In order to be efficient, the fuzzing …