Title :
Mixing Concrete and Symbolic Execution to Improve the Performance of Dynamic Test Generation
Author :
Li, Gen ; Lu, Kai ; Zhang, Ying ; Lu, Xicheng ; Zhang, Wei
Author_Institution :
Sch. of Comput., Nat. Univ. of Defence Technol., Changsha, China
Abstract :
Dynamic test generation approach is becoming increasingly popular to find security vulnerabilities in software. However, existing such approaches and tools have bad system performance because they perform slow symbolic execution on all instructions. This paper presents a new dynamic test generation technique and a tool, Hunter that implements this technique. Unlike other such techniques, Hunter combines concrete and symbolic execution by executing the input-independent instructions concretely at full speed and performing symbolic execution only on direct or indirect input-dependent instructions, thus greatly accelerating the overall system performance. We have implemented our Hunter and used it to automatically find the bugs in the benchmarks and applications with known bugs. At the same time, we also compared it with a typical dynamic test generation tool, SAGE, by testing the same application with the same bug. Our results indicate that our Hunter can improve the system performance greatly; and Hunter can effectively find bugs located deep within large applications.
Keywords :
program debugging; program testing; software performance evaluation; software tools; Hunter; SAGE; bugs; concrete execution; dynamic test generation; software security; symbolic execution; test generation tool; Acceleration; Computer bugs; Computer security; Concrete; National security; Performance evaluation; Software performance; Software testing; System performance; System testing;
Conference_Titel :
New Technologies, Mobility and Security (NTMS), 2009 3rd International Conference on
Conference_Location :
Cairo
Print_ISBN :
978-1-4244-4765-7
DOI :
10.1109/NTMS.2009.5384761
