FuSeBMC: An Energy-Efficient Test Generator for Finding Security Vulnerabilities in C Programs

FuSeBMC: A White-Box Fuzzer for Finding Security Vulnerabilities in C Programs (Competition Contribution)

Fundamental Approaches to Software Engineering - Lecture Notes in Computer Science ◽

10.1007/978-3-030-71500-7_19 ◽

2021 ◽

pp. 363-367 ◽

Cited By ~ 1

Author(s):

Kaled M. Alshmrany ◽

Rafael S. Menezes ◽

Mikhail R. Gadelha ◽

Lucas C. Cordeiro

Keyword(s):

Model Checking ◽

Symbolic Execution ◽

Bounded Model Checking ◽

Test Cases ◽

Security Vulnerabilities ◽

C Programs ◽

Code Coverage

AbstractWe describe and evaluate a novel white-box fuzzer for C programs named , which combines fuzzing and symbolic execution, and applies Bounded Model Checking (BMC) to find security vulnerabilities in C programs. explores and analyzes C programs (1) to find execution paths that lead to property violations and (2) to incrementally inject labels to guide the fuzzer and the BMC engine to produce test-cases for code coverage. successfully participates in Test-Comp’21 and achieves first place in the category and second place in the category.

Download Full-text

DeepFuzz: Automatic Generation of Syntax Valid C Programs for Fuzz Testing

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v33i01.33011044 ◽

2019 ◽

Vol 33 ◽

pp. 1044-1051 ◽

Cited By ~ 8

Author(s):

Xiao Liu ◽

Xiaoting Li ◽

Rupesh Prajapati ◽

Dinghao Wu

Keyword(s):

Success Rate ◽

Sampling Methods ◽

Automatic Generation ◽

Security Vulnerabilities ◽

C Programs ◽

Branch Coverage ◽

Fuzz Testing ◽

Programming Tools ◽

Preliminary Study

Compilers are among the most fundamental programming tools for building software. However, production compilers remain buggy. Fuzz testing is often leveraged with newlygenerated, or mutated inputs in order to find new bugs or security vulnerabilities. In this paper, we propose a grammarbased fuzzing tool called DEEPFUZZ. Based on a generative Sequence-to-Sequence model, DEEPFUZZ automatically and continuously generates well-formed C programs. We use this set of new C programs to fuzz off-the-shelf C compilers, e.g., GCC and Clang/LLVM. We present a detailed case study to analyze the success rate and coverage improvement of the generated C programs for fuzz testing. We analyze the performance of DEEPFUZZ with three types of sampling methods as well as three types of generation strategies. Consequently, DEEPFUZZ improved the testing efficacy in regards to the line, function, and branch coverage. In our preliminary study, we found and reported 8 bugs of GCC, all of which are actively being addressed by developers.

Download Full-text

Energy-Efficient Test Facility for Electric Motors

Electrotechnical Systems and Complexes ◽

10.18503/2311-8318-2018-3(40)-12-19 ◽

2018 ◽

pp. 12-19 ◽

Cited By ~ 1

Author(s):

Evgenii Omelchenko ◽

◽

Alexey Beliy ◽

Sergey Enin ◽

Nikolay Fomin ◽

...

Keyword(s):

Energy Efficient ◽

Test Facility ◽

Electric Motors ◽

Efficient Test

Download Full-text

Translating C to safer Rust

Proceedings of the ACM on Programming Languages ◽

10.1145/3485498 ◽

2021 ◽

Vol 5 (OOPSLA) ◽

pp. 1-29

Author(s):

Mehmet Emre ◽

Ryan Schroeder ◽

Kyle Dewey ◽

Ben Hardekopf

Keyword(s):

Empirical Study ◽

Programming Language ◽

Type System ◽

Relative Impact ◽

Security Vulnerabilities ◽

C Programs ◽

Novel Technique ◽

Daunting Task ◽

Depth Study ◽

Underlying Causes

Rust is a relatively new programming language that targets efficient and safe systems-level applications. It includes a sophisticated type system that allows for provable memory- and thread-safety, and is explicitly designed to take the place of unsafe languages such as C and C++ in the coding ecosystem. There is a large existing C and C++ codebase (many of which have been affected by bugs and security vulnerabilities due to unsafety) that would benefit from being rewritten in Rust to remove an entire class of potential bugs. However, porting these applications to Rust manually is a daunting task. In this paper we investigate the problem of automatically translating C programs into safer Rust programs--that is, Rust programs that improve on the safety guarantees of the original C programs. We conduct an in-depth study into the underlying causes of unsafety in translated programs and the relative impact of fixing each cause. We also describe a novel technique for automatically removing a particular cause of unsafety and evaluate its effectiveness and impact. This paper presents the first empirical study of unsafety in translated Rust programs (as opposed to programs originally written in Rust) and also the first technique for automatically removing causes of unsafety in translated Rust programs.

Download Full-text

Lessons from an energy-efficient test-bed

Batiment International Building Research and Practice ◽

10.1080/09613218008550916 ◽

1980 ◽

Vol 8 (6) ◽

pp. 344-344

Author(s):

T. E. Richtmyer ◽

W. B. May ◽

C. M. Hunt ◽

J. E. Hill

Keyword(s):

Energy Efficient ◽

Test Bed ◽

Efficient Test

Download Full-text

Automatic Generation of Assertions to Detect Potential Security Vulnerabilities in C Programs That Use Union and Pointer Types

2010 Fourth International Conference on Network and System Security ◽

10.1109/nss.2010.63 ◽

2010 ◽

Author(s):

Shamsul Kamal Ahmad Khalid ◽

Jacob Zimmermann ◽

Diane Corney ◽

Colin Fidge

Keyword(s):

Automatic Generation ◽

Security Vulnerabilities ◽

C Programs

Download Full-text

Energy-efficient motors

AccessScience ◽

10.1036/1097-8542.yb061840 ◽

2015 ◽

Keyword(s):

Energy Efficient

Download Full-text

Performance Evaluation of AFOD Protocol for Energy Efficient Routing

PsycEXTRA Dataset ◽

10.1037/e605222012-003 ◽

2011 ◽

Author(s):

B. Smitha Shekar ◽

M. Sudhakar Pillai ◽

G. Narendra Kumar

Keyword(s):

Performance Evaluation ◽

Energy Efficient ◽

Energy Efficient Routing

Download Full-text

Distributed Entropy Energy-Efficient Clustering algorithm for cluster head selection (DEEEC)

Journal of Intelligent & Fuzzy Systems ◽

10.3233/jifs-189135 ◽

2020 ◽

Vol 39 (6) ◽

pp. 8139-8147

Author(s):

Ranganathan Arun ◽

Rangaswamy Balamurugan

Keyword(s):

Energy Efficient ◽

Clustering Algorithm ◽

Cluster Head ◽

Residual Energy ◽

Energy Utilization ◽

Sensor Nodes ◽

Second Stage ◽

Energy Efficient Clustering ◽

Two Stages ◽

Ch Selection

In Wireless Sensor Networks (WSN) the energy of Sensor nodes is not certainly sufficient. In order to optimize the endurance of WSN, it is essential to minimize the utilization of energy. Head of group or Cluster Head (CH) is an eminent method to develop the endurance of WSN that aggregates the WSN with higher energy. CH for intra-cluster and inter-cluster communication becomes dependent. For complete, in WSN, the Energy level of CH extends its life of cluster. While evolving cluster algorithms, the complicated job is to identify the energy utilization amount of heterogeneous WSNs. Based on Chaotic Firefly Algorithm CH (CFACH) selection, the formulated work is named “Novel Distributed Entropy Energy-Efficient Clustering Algorithm”, in short, DEEEC for HWSNs. The formulated DEEEC Algorithm, which is a CH, has two main stages. In the first stage, the identification of temporary CHs along with its entropy value is found using the correlative measure of residual and original energy. Along with this, in the clustering algorithm, the rotating epoch and its entropy value must be predicted automatically by its sensor nodes. In the second stage, if any member in the cluster having larger residual energy, shall modify the temporary CHs in the direction of the deciding set. The target of the nodes with large energy has the probability to be CHs which is determined by the above two stages meant for CH selection. The MATLAB is required to simulate the DEEEC Algorithm. The simulated results of the formulated DEEEC Algorithm produce good results with respect to the energy and increased lifetime when it is correlated with the current traditional clustering protocols being used in the Heterogeneous WSNs.

Download Full-text

A Survey on Hierarchical Cluster Based Secure Routing Protocols and Key Management Schemes in Wireless Sensor Networks

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit183810 ◽

2018 ◽

pp. 18-26

Author(s):

Yugashree Bhadane ◽

Pooja Kadam

Keyword(s):

Routing Protocol ◽

Routing Protocols ◽

Key Management ◽

Energy Efficient ◽

Base Station ◽

Secure Routing ◽

Sensor Nodes ◽

Wireless Sensor ◽

Management Schemes ◽

Cluster Based Routing

Now days, wireless technology is one of the center of attention for users and researchers. Wireless network is a network having large number of sensor nodes and hence called as “Wireless Sensor Network (WSN)”. WSN monitors and senses the environment of targeted area. The sensor nodes in WSN transmit data to the base station depending on the application. These sensor nodes communicate with each other and routing is selected on the basis of routing protocols which are application specific. Based on network structure, routing protocols in WSN can be divided into two categories: flat routing, hierarchical or cluster based routing, location based routing. Out of these, hierarchical or cluster based routing is becoming an active branch of routing technology in WSN. To allow base station to receive unaltered or original data, routing protocol should be energy-efficient and secure. To fulfill this, Hierarchical or Cluster base routing protocol for WSN is the most energy-efficient among other routing protocols. Hence, in this paper, we present a survey on different hierarchical clustered routing techniques for WSN. We also present the key management schemes to provide security in WSN. Further we study and compare secure hierarchical routing protocols based on various criteria.

Download Full-text