_1.png)
Software Debloating 论文阅读 (12)UI Driven Andorid Application Reduction
@inproceedings{huang2017ui, title={UI driven Android application reduction}, author={Huang, Jianjun and Aafer, Yousra and Perry, David and Zhang, Xiangyu and Tian, Chen}, booktitle={2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)}, pages={286--296}, year={2017&#..
Read more
通过不变量的反例引导的定向Fuzzing
Counterexample-Guided Directed Fuzzing via Likely Invariant Inference 引用:Huang H, Zhou A, Payer M, et al. Everything is Good for Something: Counterexample-Guided Directed Fuzzing via Likely Invariant Inference[C], 2024 IEEE Symposium on Security and Privacy (SP). IEEE Computer Society, 2024: 142-142. CCF A S&P , IEEE Symposium on Security and Privacy ..
Read more
不变量作为fuzzers的反馈
The use of likely invariants as feedback for fuzzers 引用:Fioraldi A, D’Elia D C, Balzarotti D. The use of likely invariants as feedback for fuzzers[C], 30th USENIX Security Symposium (USENIX Security 21). 2021: 2829-2846. CCF A USENIX Security 链接 代码 0 摘要 动机 模糊测试已经被证明是发现程序漏洞的有效技术,但仍存在一些开放的挑战。 其中一个主要挑战是,广受欢迎的基于覆盖率引导的模糊测试会尽可能的将测试用例覆盖程序的不同部分,但仅仅考虑覆盖率可能并不能充..
Read more
使用不变量在回归测试和错误定位
Using automatically generated invariants for regression testing and bug localization 引用:Sagdeo P, Ewalt N, Pal D, et al. Using automatically generated invariants for regression testing and bug localization[C], 2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE, 2013: 634-639. CCF A ASE 链接 1 介绍 在软件开发和部署后,检测和定位软件中的错误..
Read moreDaikon论文
1 The Daikon system for dynamic detection of likely invariants 引用:Ernst M D, Perkins J H, Guo P J, et al. The Daikon system for dynamic detection of likely invariants[J]. Science of computer programming, 2007, 69(1-3): 35-45. 0 摘要 Daikon是一个动态检测不变量的工具 不变量是在程序的某个点或点上保持的属性;这些通常用于assert语句、文档和形式规范。例如包括常数(x = a)、非零(x ≠ 0)、处于范围内(a ≤ x ≤ b)、线性关系(y = ax + b)、排序(..
Read more人工分类动态不变量的用户研究
Understanding user understanding: determining correctness of generated program invariants 引用:Staats M, Hong S, Kim M, et al. Understanding user understanding: determining correctness of generated program invariants[C],Proceedings of the 2012 International Symposium on Software Testing and Analysis. 2012: 188-198. 等级:CCF A ISSTA 链接 1 介绍 问题:软件测试涉及两部分,test..
Read moreSoftware Debloating 论文阅读 (9) OCCAM
@inproceedings{malecha2015automated, title={Automated software winnowing}, author={Malecha, Gregory and Gehani, Ashish and Shankar, Natarajan}, booktitle={Proceedings of the 30th Annual ACM Symposium on Applied Computing}, pages={1504--1511}, year={2015} } OCCAM:Automated Software Winno..
Read more_1.png)
Software Debloating 论文阅读 (8) CARVE
@inproceedings{brown2019carve, title={Carve: Practical security-focused software debloating using simple feature set mappings}, author={Brown, Michael D and Pande, Santosh}, booktitle={Proceedings of the 3rd ACM Workshop on Forming an Ecosystem Around Software Transformation}, pages={1--7}, year={..
Read moreSoftware Debloating 论文阅读 (6) DomGad
Subdomain-Based Generality-Aware Debloating @inproceedings{xin2020subdomain, title={Subdomain-based generality-aware debloating}, author={Xin, Qi and Kim, Myeongsoo and Zhang, Qirun and Orso, Alessandro}, booktitle={Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering}, pages..
Read more基于程序不变量计算软件可靠性
基于程序不变量计算软件可靠性 引用:周远, 丁佐华. 基于程序不变量计算软件可靠性[J]. 软件学报, 2015, 26(12): 3075-3087. 0 介绍 软件可靠性的计算依赖于可靠性模型的选取以及所获得的软件失效数据 失效数据的获取对可靠性及模型有非常大的影响[20],因此我们必须考虑是小数据的质量和收集失效数据的方案 目前应用最广泛的针对各个开发阶段失效数据收集的方法是软件测试技术,软件测试包括 3 个要素:选择输入域、执行测试用例和比较输出[22].学者们提出了多种测试方法来获得软件失效数据[23],然而这些方法都是通过比较实际输出结果与期望输出结果得到诸如失效次数、失效用例等的失效数据,而忽略了软件的实时行为和内部结构,从而导致这些数据并不能真实反映软件的真实行为,如: 存在假性..
Read more