Blogs (1) >>
ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Thu 14 Nov 2019 10:00 - 10:40 at Kensington Ballroom - Poster Session: Tool Demonstrations 3
Tue 12 Nov 2019 12:10 - 12:20 at Cortez 1 - Testing and Coverage Chair(s): Jonathan Bell

Fuzzing is widely used for vulnerability detection. One of the challenges for an efficient fuzzing is covering code guarded by constraints such as the magic number and nested conditions. Recently, academia has partially addressed the challenge via whitebox methods. However, high-level constraints such as array sorts, virtual function invocations, and tree set queries are yet to be handled.

To meet this end, we present VisFuzz, an interactive tool for better understanding and intervening fuzzing process via real-time visualization. It extracts call graph and control flow graph from source code, maps each function and basic block to the line of source code and tracks real-time execution statistics with detail constraint contexts. With VisFuzz, test engineers first locate blocking constraints and then learn its semantic context, which helps to craft targeted inputs or update test drivers. Preliminary evaluations are conducted on four real-world programs in Google fuzzer-test-suite. Given additional 15 minutes to understand and intervene the state of fuzzing, the intervened fuzzing outperform the original pure AFL fuzzing, and the path coverage improvements range from 10.84% to 150.58%, equally fuzzed by for 12 hours.

Tue 12 Nov

ase-2019-paper-presentations
10:40 - 12:20: Papers - Testing and Coverage at Cortez 1
Chair(s): Jonathan BellGeorge Mason University
ase-2019-papers10:40 - 11:00
Talk
Automatic Self-Validation for Code Coverage Profilers
Yibiao YangHuazhong University of Science and Technology, Yanyan JiangNanjing University, Zhiqiang ZuoNanjing University, China, Yang WangNanjing University, Hao SunUnaffiliated, Hongmin LuNanjing University, Yuming ZhouNanjing University, Baowen XuNanjing University
Pre-print
ase-2019-papers11:00 - 11:20
Talk
Efficient Test Generation Guided by Field Coverage Criteria
Ariel GodioDept. of Software Engineering Instituto Tecnológico de Buenos Aires, Valeria BengoleaDept. of Computer Science FCEFQyN, University of Rio Cuarto, Pablo PonzioDept. of Computer Science FCEFQyN, University of Rio Cuarto, Nazareno AguirreDept. of Computer Science FCEFQyN, University of Rio Cuarto, Marcelo F. FriasDept. of Software Engineering Instituto Tecnológico de Buenos Aires
ase-2019-Journal-First-Presentations11:20 - 11:40
Talk
Exploring Output-Based Coverage for Testing PHP Web Applications
Hung Viet NguyenGoogle LLC, USA, Hung Dang PhanECpE Department, Iowa State University, Christian KästnerCarnegie Mellon University, Tien N. NguyenUniversity of Texas at Dallas
Link to publication
ase-2019-Industry-Showcase11:40 - 12:00
Talk
PHANTA: Diversified Test Code Quality Measurement for Modern Software Development
Susumu TokumotoFujitsu Laboratories Ltd., Kuniharu TakayamaFujitsu Laboratories Ltd.
Media Attached
ase-2019-Demonstrations12:00 - 12:10
Demonstration
TestCov: Robust Test-Suite Execution and Coverage Measurement
Dirk BeyerLMU Munich, Thomas LembergerLMU Munich
Pre-print Media Attached File Attached
ase-2019-Demonstrations12:10 - 12:20
Demonstration
VisFuzz: Understanding and Intervening Fuzzing with Interactive Visualization
Chijin ZhouTsinghua University, Mingzhe WangTsinghua University, Jie LiangTsinghua University, Zhe LiuNanjing University of Aeronautics and Astronautics, Chengnian SunWaterloo University, Yu JiangTsinghua University

Thu 14 Nov

ase-2019-Demonstrations
10:00 - 10:40: Demonstrations - Poster Session: Tool Demonstrations 3 at Kensington Ballroom
ase-2019-Demonstrations10:00 - 10:40
Demonstration
PraPR: Practical Program Repair via Bytecode Mutation
Ali GhanbariThe University of Texas at Dallas, Lingming ZhangThe University of Texas at Dallas
ase-2019-Demonstrations10:00 - 10:40
Demonstration
Kotless: a Serverless Framework for Kotlin
Vladislav TankovJetBrains, ITMO University, Yaroslav GolubevJetBrains Research, ITMO University, Timofey BryksinJetBrains Research, Saint-Petersburg State University
ase-2019-Demonstrations10:00 - 10:40
Demonstration
PeASS: A Tool for Identifying Performance Changes at Code Level
David Georg ReicheltUniversität Leipzig, Stefan KühneUniversität Leipzig, Wilhelm HasselbringKiel University
Pre-print Media Attached File Attached
ase-2019-Demonstrations10:00 - 10:40
Demonstration
MutAPK: Source-Codeless Mutant Generation for Android Apps
Camilo Escobar-VelásquezUniversidad de los Andes, Michael Osorio-RiañoUniversidad de los Andes, Mario Linares-VásquezSystems and Computing Engineering Department , Universidad de los Andes , Bogotá, Colombia
ase-2019-Demonstrations10:00 - 10:40
Demonstration
CocoQa: Question Answering for Coding Conventions over Knowledge Graphs
Tianjiao DuShanghai JiaoTong University, Junming CaoShanghai JiaoTong University, Qinyue WuShanghai JiaoTong University, Wei LiShanghai JiaoTong University, Beijun ShenSchool of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Yuting ChenShanghai Jiao Tong University
ase-2019-Demonstrations10:00 - 10:03
Demonstration
Humanoid: A Deep Learning-based Approach to Automated Black-box Android App Testing
Yuanchun LiPeking University, Ziyue YangPeking University, Yao GuoPeking University, Xiangqun ChenPeking University
ase-2019-Demonstrations10:00 - 10:40
Demonstration
Developer Reputation Estimator (DRE)
Sadika AmreenUniversity of Tennessee Knoxville, Andrey KarnauchUniversity of Tennessee Knoxville, Audris MockusUniversity of Tennessee - Knoxville
ase-2019-Demonstrations10:00 - 10:40
Demonstration
NeuralVis: Visualizing and Interpreting Deep Learning Models
Xufan ZhangState Key Laboratory for Novel Software Technology Nanjing University, Nanjing, China, Ziyue YinState Key Laboratory for Novel Software Technology Nanjing University, Nanjing, China, Yang FengUniversity of California, Irvine, Qingkai ShiHong Kong University of Science and Technology, Jia LiuState Key Laboratory for Novel Software Technology Nanjing University, Nanjing, China, Zhenyu ChenNanjing University
ase-2019-Demonstrations10:00 - 10:40
Demonstration
Visual Analytics for Concurrent Java Executions
Cyrille ArthoKTH Royal Institute of Technology, Sweden, Monali PandeKTH Royal Institute of Technology, Qiyi TangUniversity of Oxford
ase-2019-Demonstrations10:00 - 10:40
Demonstration
Sip4J: Statically Inferring Access Permission Contracts for Parallelising Sequential Java Programs
Ayesha SadiqMonash University, Li LiMonash University, Australia, Yuan-Fang LiMonash University, Ijaz AhmedUniversity of Lahore, Sea LingMonash University
ase-2019-Demonstrations10:00 - 10:40
Demonstration
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods
Goran PiskachevFraunhofer IEM, Lisa Nguyen Quang DoGoogle, Oshando JohnsonFraunhofer IEM, Eric BoddenHeinz Nixdorf Institut, Paderborn University and Fraunhofer IEM
Pre-print Media Attached File Attached
ase-2019-Demonstrations10:00 - 10:40
Demonstration
VisFuzz: Understanding and Intervening Fuzzing with Interactive Visualization
Chijin ZhouTsinghua University, Mingzhe WangTsinghua University, Jie LiangTsinghua University, Zhe LiuNanjing University of Aeronautics and Astronautics, Chengnian SunWaterloo University, Yu JiangTsinghua University