Blogs (1) >>
ICSE 2019
Sat 25 - Fri 31 May 2019 Montreal, QC, Canada
ICSE 2019 (series) / Technical Track /

Grey-box Concolic Testing on Binary Code

Artifacts AvailableTechnical TrackIndustry Program
Jaeseung Choi, Joonun Jang, Choongwoo Han, Sang Kil Cha
ICSE 2019 Technical Track
Fri 31 May 2019 11:40 - 12:00 at Duluth - Fuzzing Chair(s): Marcel Böhme

We present grey-box concolic testing, a novel path-based test case generation method that combines the best of both white-box and grey-box fuzzing. At a high level, our technique systematically explores execution paths of a program under test as in white-box fuzzing, a.k.a. concolic testing, while not giving up the simplicity of grey-box fuzzing: it only uses a lightweight instrumentation, and it does not rely on an SMT solver. We implemented our technique in a system called Eclipser, and compared it to the state-of-the-art grey-box fuzzers (including AFLFast, LAF-intel, Steelix, and VUzzer) as well as a symbolic executor (KLEE). In our experiments, we achieved higher code coverage and found more bugs than the other tools.

Jaeseung Choi
Jaeseung Choi
KAIST
South Korea
Joonun Jang
Joonun Jang
Samsung Research, Samsung Electronics
South Korea
small-avatar
Choongwoo Han
NAVER Corporation
South Korea
Sang Kil Cha
Sang Kil Cha
KAIST
South Korea

Fri 31 May

Displayed time zone: Eastern Time (US & Canada) change

11:00 - 12:30
FuzzingTechnical Track / Papers at Duluth
Chair(s): Marcel Böhme Monash University
11:00
20m
Talk
SLF: Fuzzing without Valid Seed InputsTechnical TrackIndustry Program
Technical Track
Wei You Purdue University, Xuwei Liu Zhejiang University, Shiqing Ma Purdue University, USA, David Mitchel Perry Purdue University, Xiangyu Zhang Purdue University, Bin Liang Renmin University of China, China
11:20
20m
Talk
Superion: Grammar-Aware Greybox FuzzingTechnical Track
Technical Track
Junjie Wang Nanyang Technological University, Bihuan Chen Fudan University, Lei Wei Nanyang Technological University, Yang Liu Nanyang Technological University, Singapore
11:40
20m
Talk
Grey-box Concolic Testing on Binary CodeArtifacts AvailableTechnical TrackIndustry Program
Technical Track
Jaeseung Choi KAIST, Joonun Jang Samsung Research, Samsung Electronics, Choongwoo Han NAVER Corporation, Sang Kil Cha KAIST
12:00
20m
Talk
REST-ler: Stateful REST API FuzzingTechnical TrackIndustry Program
Technical Track
Vaggelis Atlidakis Columbia University, Patrice Godefroid Microsoft Research, Marina Polishchuk Microsoft
Link to publication
12:20
10m
Talk
Discussion Period
Papers