Execution Path Detection through Dynamic Analysis in Black-Box Testing Environments
Path coverage is the process of measuring the fraction of execution paths that are taken during run-time in a software by a given set of inputs. It is commonly used to assess the stability, security, and functionality of an application; therefore, this is closely associated with software testing. Path coverage requires knowledge of the software’s source code (white-box testing), specifically the software’s potential execution paths; however, the problem becomes more challenging when the source code is not available and path coverage must be done using only the software’s binary code. This can occur if the software is a product, the software is a legacy system, or the source code is not available (e.g.~contracted software or permission-less).
This paper investigates how black-box \textit{path detection and discovery} can be achieved using \textit{execution fingerprints} that are a concise frequency representation of a software’s executed assembly instructions. Execution fingerprints can be used to identify which inputs exercised different sections of code, thus revealing execution paths. Experimental results show that clustering execution fingerprints can be used to differentiate the execution paths of software and provide a method to detect these different paths all inside a true black-box testing environment
Tue 11 OctDisplayed time zone: Eastern Time (US & Canada) change
15:30 - 16:00 | |||
15:30 30mPoster | ASTOR: An Approach to Identify Security Code Reviews Student Research Competition Rajshakhar Paul Wayne State University | ||
15:30 30mPoster | ‘Who built this crap?’ Developing a Software Engineering Domain Specific Toxicity Detector Student Research Competition Jaydeb Sarker Department of Computer Science, Wayne State University Pre-print | ||
15:30 30mPoster | Automatically Fixing Breaking Changes of Data Science Libraries Student Research Competition Hailie Mitchell Carnegie Mellon University | ||
15:30 30mPoster | Execution Path Detection through Dynamic Analysis in Black-Box Testing Environments Student Research Competition Frank Whitworth Wake Forest University | ||
15:30 30mPoster | Automatic Software Timing Attack Evaluation & Mitigation on Clear Hardware Assumption Student Research Competition Prabuddha Chakraborty University of Florida | ||
15:30 30mPoster | Automatically Tagging the “AAA" Pattern in Unit Test Cases Using Machine Learning Models Student Research Competition Chenhao Wei Stevens Institute of Technology, Lu Xiao Stevens Institute of Technology, Tingting Yu University of Cincinnati, Xinyu Chen HSBC Software Development (Guangdong) Limited, Xiao Wang Stevens Institute of Technology, Sunny Wong Envestnet, Abigail Clune AGI | ||
15:30 30mPoster | A Unified Specification Mining Framework for Smart Contracts Student Research Competition Ye Liu Nanyang Technological University | ||
15:30 30mPoster | Identifying Sexism and Misogyny in Pull Request Comments Student Research Competition Sayma Sultana Wayne State University | ||
15:30 30mPoster | Detecting Inconsistencies in If-Condition-Raise Statements Student Research Competition Islem BOUZENIA Software Lab, University of Stuttgart | ||
15:30 30mPoster | Software Evolution Management with Differential Facts Student Research Competition Xiuheng Wu Nanyang Technological University, Singapore | ||
15:30 30mPoster | RESTCluster: Automated Crash Clustering for RESTful API Student Research Competition Yi Liu Nanyang Technological University |