Improving Function Coverage with Munch: A Hybrid Fuzzing and Directed Symbolic Execution Approach

November 26, 2017 Β· Declared Dead Β· πŸ› ACM Symposium on Applied Computing

πŸ‘» CAUSE OF DEATH: Ghosted
No code link whatsoever

"No code URL or promise found in abstract"

Evidence collected by the PWNC Scanner

Authors Saahil Ognawala, Thomas Hutzelmann, Eirini Psallida, Alexander Pretschner arXiv ID 1711.09362 Category cs.SE: Software Engineering Citations 54 Venue ACM Symposium on Applied Computing Last Checked 4 months ago
Abstract
Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input values, is generally incapable of generating diverse inputs that exercise all paths in the program. Due to the path-explosion problem and dependence on SMT solvers, symbolic execution may also not achieve high path coverage. A hybrid technique involving fuzzing and symbolic execution may achieve better function coverage than fuzzing or symbolic execution alone. In this paper, we present Munch, an open source framework implementing two hybrid techniques based on fuzzing and symbolic execution. We empirically show using nine large open-source programs that overall, Munch achieves higher (in-depth) function coverage than symbolic execution or fuzzing alone. Using metrics based on total analyses time and number of queries issued to the SMT solver, we also show that Munch is more efficient at achieving better function coverage.
Community shame:
Not yet rated
πŸ“„ View on arXiv 🌐 View on ar5iv πŸ“‘ PDF πŸŽ‰ Report Code Found
Community Contributions

Found the code? Know the venue? Think something is wrong? Let us know!

πŸ“œ Similar Papers

In the same crypt β€” Software Engineering

Died the same way β€” πŸ‘» Ghosted