By Topic

Mixing Concrete and Symbolic Execution to Improve the Performance of Dynamic Test Generation

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Gen Li ; Sch. of Comput., Nat. Univ. of Defence Technol., Changsha, China ; Kai Lu ; Ying Zhang ; Xicheng Lu
more authors

Dynamic test generation approach is becoming increasingly popular to find security vulnerabilities in software. However, existing such approaches and tools have bad system performance because they perform slow symbolic execution on all instructions. This paper presents a new dynamic test generation technique and a tool, Hunter that implements this technique. Unlike other such techniques, Hunter combines concrete and symbolic execution by executing the input-independent instructions concretely at full speed and performing symbolic execution only on direct or indirect input-dependent instructions, thus greatly accelerating the overall system performance. We have implemented our Hunter and used it to automatically find the bugs in the benchmarks and applications with known bugs. At the same time, we also compared it with a typical dynamic test generation tool, SAGE, by testing the same application with the same bug. Our results indicate that our Hunter can improve the system performance greatly; and Hunter can effectively find bugs located deep within large applications.

Published in:

New Technologies, Mobility and Security (NTMS), 2009 3rd International Conference on

Date of Conference:

20-23 Dec. 2009