Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2018, Volume 30, Issue 6, Pages 25–38
DOI: https://doi.org/10.15514/ISPRAS-2018-30(6)-2
(Mi tisp375)
 

This article is cited in 5 scientific papers (total in 5 papers)

Combining dynamic symbolic execution, code static analysis and fuzzing

A. Yu. Gerasimov (a), S. S. Sargsyan (b), S. F. Kurmangaleev (a), J. A. Hakobyan (b), S. A. Asryan (b), M. K. Ermakov (a)

(a) Ivannikov Institute for System Programming
(b) Yerevan State University, System Programming Laboratory
Abstract: This paper describes a new approach to dynamic code analysis. It combines dynamic symbolic execution and static code analysis with fuzzing to increase the efficiency of each component. During fuzzing, indirect function calls are recovered and passed to the static analysis engine, which improves static path detection in the control flow graph of the program. The detected paths are used in dynamic symbolic execution to construct inputs that cover new paths during execution, and these inputs are fed back to the fuzzing tool to improve test-case generation and increase code coverage. The proposed approach can be used for classic fuzzing, where the main goal is achieving high code coverage. It can also be used for targeted analysis of paths and code fragments in the program: in this case the fuzzing tool accepts a set of program addresses with potential defects and passes them to the static analysis engine, which constructs all paths connecting the program entry point to the given addresses. Finally, dynamic symbolic execution is used to construct the set of inputs that cover these paths. Experimental results have shown that the proposed method can effectively detect different program defects.
Keywords: fuzzing, directed fuzzing, static analysis, path detection, dynamic symbolic execution.
Funding agency: Russian Foundation for Basic Research; grant number: 17-07-00702. Research is funded within the scope of RFBR grant 17-07-00702.
Document Type: Article
Language: English
Citation: A. Yu. Gerasimov, S. S. Sargsyan, S. F. Kurmangaleev, J. A. Hakobyan, S. A. Asryan, M. K. Ermakov, “Combining dynamic symbolic execution, code static analysis and fuzzing”, Proceedings of ISP RAS, 30:6 (2018), 25–38
Citation in format AMSBIB
\Bibitem{GerSarKur18}
\by A.~Yu.~Gerasimov, S.~S.~Sargsyan, S.~F.~Kurmangaleev, J.~A.~Hakobyan, S.~A.~Asryan, M.~K.~Ermakov
\paper Combining dynamic symbolic execution, code static analysis and fuzzing
\jour Proceedings of ISP RAS
\yr 2018
\vol 30
\issue 6
\pages 25--38
\mathnet{http://mi.mathnet.ru/tisp375}
\crossref{https://doi.org/10.15514/ISPRAS-2018-30(6)-2}
\elib{https://elibrary.ru/item.asp?id=36825263}
Linking options:
  • https://www.mathnet.ru/eng/tisp375
  • https://www.mathnet.ru/eng/tisp/v30/i6/p25