id:"swepub:oai:DiVA.org:kth-207388"
Search: id:"swepub:oai:DiVA.org:kth-207388" > OpenSAW :
- 1 of 1
- Previous record
- Next record
- To hitlist
OpenSAW : Open security analysis workbench
- Ben Henda, N. (author)
- Johansson, B. (author)
- Lantz, P. (author)
- show more...
- Norrman, K. (author)
- Saarinen, P. (author)
- show less...
- (creator_code:org_t)
- 2017-03-22
- 2017
- English.
- In: 20th International Conference on Fundamental Approaches to Software Engineering, FASE 2017 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2017. - Berlin, Heidelberg : Springer Berlin/Heidelberg. - 9783662544938 ; , s. 321-337
- Conference paper (peer-reviewed)
Abstract
Subject headings
Close
- Software is today often composed of many sourced componets, which potentially contain security vulnerabilities, and therefore require testing before being integrated. Tools for automated test case generation, for example, based on white-box fuzzing, are beneficial for this testing task. Such tools generally explore limitations of the specific underlying techniques for solving problems related to, for example, constraint solving, symbolic execution, search heuristics and execution trace extraction. In this article we describe the design of OpenSAW, a more flexible general-purpose white-box fuzzing framework intended to encourage research on new techniques identifying security problems. In addition, we have formalized two unaddressed technical aspects and devised new algorithms for these. The first relates to generalizing and combining different program exploration strategies, and the second relates to prioritizing execution traces. We have evaluated OpenSAW using both in-house and external programs and identified several bugs.
Subject headings
- NATURVETENSKAP -- Data- och informationsvetenskap -- Datavetenskap (hsv//swe)
- NATURAL SCIENCES -- Computer and Information Sciences -- Computer Sciences (hsv//eng)
Keyword
- Heuristic algorithms
- Software engineering
- Software testing
- Automated test case generation
- Constraint Solving
- Exploration strategies
- Security analysis
- Security problems
- Security vulnerabilities
- Symbolic execution
- Technical aspects
- Program debugging
Publication and Content Type
- ref (subject category)
- kon (subject category)
Find in a library
- 20th International Conference on Fundamental Approaches to Software Engineering,... (Search for host publication in LIBRIS)
To the university's database
- 1 of 1
- Previous record
- Next record
- To hitlist
Find more in SwePub
- By the author/editor
- Ben Henda, N.
- Johansson, B.
- Lantz, P.
- Norrman, K.
- Saarinen, P.
- Segersvärd, Oska ...
- About the subject
-
- NATURAL SCIENCES
- NATURAL SCIENCES
- and Computer and Inf ...
- and Computer Science ...
- Articles in the publication
- 20th Internation ...
- By the university
- Royal Institute of Technology
Search outside SwePub
- Extend your search to:
- Google Book Search
- Google Scholar
Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.
- Copyright © LIBRIS - National Library Systems
- LIBRIS.kb.se
