Automated detection of software vulnerabilities is a fundamental problem in software
security. Existing program analysis techniques either suffer from high false positives or false …

Background: Software vulnerabilities are weaknesses in source code that might be exploited
to cause harm or loss. Previous work has proposed a number of automated machine …

The capability of executing so-called smart contracts in a decentralised manner is one of the
compelling features of modern blockchains. Smart contracts are fully fledged programs …

Internet of things (IoT) devices make up 30% of all network-connected endpoints,
introducing vulnerabilities and novel attacks that make many companies as primary targets …

The vast majority of security breaches encountered today are a direct result of insecure
code. Consequently, the protection of computer systems critically depends on the rigorous …

As one of the most popular software testing techniques, fuzzing can find a variety of
weaknesses in a program, such as software bugs and vulnerabilities, by generating …

Android phones often carry personal information, attracting malicious developers to embed
code in Android applications to steal sensitive data. With known techniques in the literature …

Fuzz testing has proven successful in finding security vulnerabilities in large programs.
However, traditional fuzz testing tools have a well-known common drawback: they are …

We present VERISMART, a highly precise verifier for ensuring arithmetic safety of Ethereum
smart contracts. Writing safe smart contracts without unintended behavior is critically …

Taint-style vulnerabilities are a persistent problem in software development, as the recently
discovered" Heart bleed" vulnerability strikingly illustrates. In this class of vulnerabilities …