Olympia: Fuzzer Benchmarking for Solidity (ASE 2024 - Tool Demonstrations)

Who

Jana Chadt, Christoph Hochrainer, Valentin Wüstholz, Maria Christakis

Track

ASE 2024 Tool Demonstrations

This program is tentative and subject to change.

Time Zone

The program is currently displayed in (GMT-07:00) Pacific Time (US & Canada).

Use conference time zone: (GMT-07:00) Pacific Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Tue 29 Oct 2024 16:54 - 17:06 at Camellia - Fuzzing 1

Abstract

Over the last few years, smart-contract hacks have resulted in the loss of billions of assets. To efficiently identify such vulnerabilities, academic and industrial researchers have developed several popular smart-contract fuzzers. However, it has been challenging to objectively compare their bug-finding effectiveness. In this paper, we present Olympia, the first benchmark-generation tool that is designed for smart-contract, rather than general-purpose, fuzzers. We have used Olympia to evaluate the effectiveness of four well known, open-source fuzzers for Solidity smart contracts.

Screencast: https://www.youtube.com/watch?v=DdADa2vcicA

Implementation: https://github.com/Rigorous-Software-Engineering/olympia

Jana Chadt

TU Wien, Austria

Christoph Hochrainer

TU Wien

Austria

Valentin Wüstholz

ConsenSys

Austria

Maria Christakis

TU Wien

Austria

This program is tentative and subject to change.

Time Zone

The program is currently displayed in (GMT-07:00) Pacific Time (US & Canada).

Use conference time zone: (GMT-07:00) Pacific Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Tue 29 Oct
Displayed time zone: Pacific Time (US & Canada) change

16:30 - 17:30	Fuzzing 1Research Papers / Journal-first Papers / Industry Showcase / Tool Demonstrations at Camellia

16:30 12m Talk		Magneto: A Step-Wise Approach to Exploit Vulnerabilities in Dependent Libraries via LLM-Empowered Directed Fuzzing Research Papers Zhuotong Zhou Fudan University, China, Yongzhuo Yang Fudan University, Susheng Wu Fudan University, Yiheng Huang Fudan University, Bihuan Chen Fudan University, Xin Peng Fudan University
16:42 12m Talk		Applying Fuzz Driver Generation to Native C/C++ Libraries of OEM Android Framework: Obstacles and Solutions Industry Showcase Shiyan Peng Fudan University, Yuan Zhang Fudan University, Jiarun Dai Fudan University, Yue Gu Fudan University, Zhuoxiang Shen Fudan University, Jingcheng Liu Fudan University, Lin Wang Fudan University, Yong Chen OPPO, Yu Qin OPPO, Lei Ai OPPO, Xianfeng Lu OPPO, Min Yang Fudan University
16:54 12m Talk		Olympia: Fuzzer Benchmarking for Solidity Tool Demonstrations Jana Chadt TU Wien, Austria, Christoph Hochrainer TU Wien, Valentin Wüstholz ConsenSys, Maria Christakis TU Wien
17:06 12m Talk		BUGOSS: A Benchmark of Real-world Regression Bugs for Empirical Investigation of Regression Fuzzing Techniques Journal-first Papers Jeewoong Kim Chungbuk National University, Shin Hong Chungbuk National University
17:18 12m Talk		Learning Failure-Inducing Models for Testing Software-Defined Networks Journal-first Papers Raphaël Ollando University of Luxembourg, Seung Yeob Shin University of Luxembourg, Lionel Briand University of Ottawa, Canada; Lero centre, University of Limerick, Ireland