
Dynamic Symbolic Execution Method Oriented to Critical Operation

Cited by: 11
Abstract: Addressing the requirement for defect detection, this paper proposes critical operation oriented dynamic symbolic execution. First, based on the defined critical operations and the relevant critical paths, a set of initial inputs is evaluated by computing their ability to cover critical operations under different contexts, and efficient initial inputs can be selected for the following dynamic symbolic execution. Second, leveraging the critical operations, dynamic symbolic execution is guided to explore paths which are more prone to defects. In this way, defect detection becomes a process of locating critical operations and exploring critical paths. A prototype system called Crash Finder is implemented and tested on a number of Linux x86 executables. The experimental results show that this approach is effective in initial input evaluation and efficient in defect detection.
Source: Journal of Software (《软件学报》; indexed in EI, CSCD, PKU Core), 2016, No. 5, pp. 1230-1245 (16 pages)
Funding: National Natural Science Foundation of China (61170070, 61572248, 61431008, 61321491); National Key Technology R&D Program (2012BAK26B01)
Keywords: critical operation; dynamic symbolic execution; taint analysis; path selection; defect detection