Avoiding exponential explosion: generating compact verification conditions
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Symbolic execution and program testing
Communications of the ACM
SELECT—a formal system for testing and debugging programs by symbolic execution
Proceedings of the international conference on Reliable software
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Automatic discovery of API-level exploits
Proceedings of the 27th international conference on Software engineering
DART: directed automated random testing
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
CUTE: a concolic unit testing engine for C
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
EXE: automatically generating inputs of death
Proceedings of the 13th ACM conference on Computer and communications security
Compositional dynamic test generation
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Methodology for the Generation of Program Test Data
IEEE Transactions on Computers
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)
Proceedings of the 14th ACM conference on Computer and communications security
Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Loop-extended symbolic execution on binary programs
Proceedings of the eighteenth international symposium on Software testing and analysis
ACM Computing Surveys (CSUR)
KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
IEEE Transactions on Software Engineering
Satisfiability modulo theories: introduction and applications
Communications of the ACM
Q: exploit hardening made easy
SEC'11 Proceedings of the 20th USENIX conference on Security
BAP: a binary analysis platform
CAV'11 Proceedings of the 23rd international conference on Computer aided verification
SAGE: whitebox fuzzing for security testing
Communications of the ACM
The S2E Platform: Design, Implementation, and Applications
ACM Transactions on Computer Systems (TOCS) - Special Issue APLOS 2011
Efficient state merging in symbolic execution
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Unleashing Mayhem on Binary Code
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
SMT solvers for software security
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
Before we knew it: an empirical study of zero-day attacks in the real world
Proceedings of the 2012 ACM conference on Computer and communications security
Improving integer security for systems with KINT
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Memory errors: the past, the present, and the future
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Symbolic execution for software testing: three decades later
Communications of the ACM
| Hi-index | 48.22 |
The idea is to identify security-critical software bugs so they can be fixed first.