Blogs (1) >>
ASE 2019
Sun 10 - Fri 15 November 2019 San Diego, California, United States
Thu 14 Nov 2019 10:00 - 10:40 at Kensington Ballroom - Poster Session: Tool Demonstrations 3
Tue 12 Nov 2019 12:10 - 12:20 at Cortez 1 - Testing and Coverage Chair(s): Jonathan Bell

Fuzzing is widely used for vulnerability detection. One of the challenges for an efficient fuzzing is covering code guarded by constraints such as the magic number and nested conditions. Recently, academia has partially addressed the challenge via whitebox methods. However, high-level constraints such as array sorts, virtual function invocations, and tree set queries are yet to be handled.

To meet this end, we present VisFuzz, an interactive tool for better understanding and intervening fuzzing process via real-time visualization. It extracts call graph and control flow graph from source code, maps each function and basic block to the line of source code and tracks real-time execution statistics with detail constraint contexts. With VisFuzz, test engineers first locate blocking constraints and then learn its semantic context, which helps to craft targeted inputs or update test drivers. Preliminary evaluations are conducted on four real-world programs in Google fuzzer-test-suite. Given additional 15 minutes to understand and intervene the state of fuzzing, the intervened fuzzing outperform the original pure AFL fuzzing, and the path coverage improvements range from 10.84% to 150.58%, equally fuzzed by for 12 hours.

Tue 12 Nov
Times are displayed in time zone: Tijuana, Baja California change

10:40 - 12:20: Testing and CoveragePapers / Research Papers / Demonstrations / Journal First Presentations / Industry Showcase at Cortez 1
Chair(s): Jonathan BellGeorge Mason University
10:40 - 11:00
Talk
Automatic Self-Validation for Code Coverage Profilers
Research Papers
Yibiao YangHuazhong University of Science and Technology, Yanyan JiangNanjing University, Zhiqiang ZuoNanjing University, China, Yang WangNanjing University, Hao SunUnaffiliated, Hongmin LuNanjing University, Yuming ZhouNanjing University, Baowen XuNanjing University
Pre-print
11:00 - 11:20
Talk
Efficient Test Generation Guided by Field Coverage Criteria
Research Papers
Ariel GodioDept. of Software Engineering Instituto Tecnológico de Buenos Aires, Valeria BengoleaDept. of Computer Science FCEFQyN, University of Rio Cuarto, Pablo PonzioDept. of Computer Science FCEFQyN, University of Rio Cuarto, Nazareno AguirreDept. of Computer Science FCEFQyN, University of Rio Cuarto, Marcelo F. FriasDept. of Software Engineering Instituto Tecnológico de Buenos Aires
11:20 - 11:40
Talk
Exploring Output-Based Coverage for Testing PHP Web Applications
Journal First Presentations
Hung Viet NguyenGoogle LLC, USA, Hung Dang PhanECpE Department, Iowa State University, Christian K{\"a}stnerCarnegie Mellon University, Tien N. NguyenUniversity of Texas at Dallas
Link to publication
11:40 - 12:00
Talk
PHANTA: Diversified Test Code Quality Measurement for Modern Software Development
Industry Showcase
Susumu TokumotoFujitsu Laboratories Ltd., Kuniharu TakayamaFujitsu Laboratories Ltd.
Media Attached
12:00 - 12:10
Demonstration
TestCov: Robust Test-Suite Execution and Coverage Measurement
Demonstrations
Dirk BeyerLMU Munich, Thomas LembergerLMU Munich
Pre-print Media Attached File Attached
12:10 - 12:20
Demonstration
VisFuzz: Understanding and Intervening Fuzzing with Interactive Visualization
Demonstrations
Chijin ZhouTsinghua University, Mingzhe WangTsinghua University, Jie LiangTsinghua University, Zhe LiuNanjing University of Aeronautics and Astronautics, Chengnian SunWaterloo University, Yu JiangTsinghua University

Thu 14 Nov
Times are displayed in time zone: Tijuana, Baja California change

10:00 - 10:40: Poster Session: Tool Demonstrations 3Demonstrations at Kensington Ballroom
10:00 - 10:40
Demonstration
PraPR: Practical Program Repair via Bytecode Mutation
Demonstrations
Ali GhanbariThe University of Texas at Dallas, Lingming ZhangThe University of Texas at Dallas
10:00 - 10:40
Demonstration
Kotless: a Serverless Framework for Kotlin
Demonstrations
Vladislav TankovJetBrains, ITMO University, Yaroslav GolubevJetBrains Research, ITMO University, Timofey BryksinJetBrains Research, Saint-Petersburg State University
10:00 - 10:40
Demonstration
PeASS: A Tool for Identifying Performance Changes at Code Level
Demonstrations
David Georg ReicheltUniversität Leipzig, Stefan KühneUniversität Leipzig, Wilhelm HasselbringKiel University
Pre-print Media Attached File Attached
10:00 - 10:40
Demonstration
MutAPK: Source-Codeless Mutant Generation for Android Apps
Demonstrations
Camilo Escobar-VelásquezUniversidad de los Andes, Michael Osorio-RiañoUniversidad de los Andes, Mario Linares-VásquezSystems and Computing Engineering Department , Universidad de los Andes , Bogotá, Colombia
10:00 - 10:40
Demonstration
CocoQa: Question Answering for Coding Conventions over Knowledge Graphs
Demonstrations
Tianjiao DuShanghai JiaoTong University, Junming CaoShanghai JiaoTong University, Qinyue WuShanghai JiaoTong University, Wei LiShanghai JiaoTong University, Beijun ShenSchool of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Yuting ChenShanghai Jiao Tong University
10:00 - 10:03
Demonstration
Humanoid: A Deep Learning-based Approach to Automated Black-box Android App Testing
Demonstrations
Yuanchun LiPeking University, Ziyue YangPeking University, Yao GuoPeking University, Xiangqun ChenPeking University
10:00 - 10:40
Demonstration
Developer Reputation Estimator (DRE)
Demonstrations
Sadika AmreenUniversity of Tennessee Knoxville, Andrey KarnauchUniversity of Tennessee Knoxville, Audris MockusUniversity of Tennessee - Knoxville
10:00 - 10:40
Demonstration
NeuralVis: Visualizing and Interpreting Deep Learning Models
Demonstrations
Xufan ZhangState Key Laboratory for Novel Software Technology Nanjing University, Nanjing, China, Ziyue YinState Key Laboratory for Novel Software Technology Nanjing University, Nanjing, China, Yang FengUniversity of California, Irvine, Qingkai ShiHong Kong University of Science and Technology, Jia LiuState Key Laboratory for Novel Software Technology Nanjing University, Nanjing, China, Zhenyu ChenNanjing University
10:00 - 10:40
Demonstration
Visual Analytics for Concurrent Java Executions
Demonstrations
Cyrille ArthoKTH Royal Institute of Technology, Sweden, Monali PandeKTH Royal Institute of Technology, Qiyi TangUniversity of Oxford
10:00 - 10:40
Demonstration
Sip4J: Statically Inferring Access Permission Contracts for Parallelising Sequential Java Programs
Demonstrations
Ayesha SadiqMonash University, Li LiMonash University, Australia, Yuan-Fang LiMonash University, Ijaz AhmedUniversity of Lahore, Sea LingMonash University
10:00 - 10:40
Demonstration
SWAN_ASSIST: Semi-Automated Detection of Code-Specific, Security-Relevant Methods
Demonstrations
Goran PiskachevFraunhofer IEM, Lisa Nguyen Quang DoGoogle, Oshando JohnsonFraunhofer IEM, Eric BoddenHeinz Nixdorf Institut, Paderborn University and Fraunhofer IEM
Pre-print Media Attached File Attached
10:00 - 10:40
Demonstration
VisFuzz: Understanding and Intervening Fuzzing with Interactive Visualization
Demonstrations
Chijin ZhouTsinghua University, Mingzhe WangTsinghua University, Jie LiangTsinghua University, Zhe LiuNanjing University of Aeronautics and Astronautics, Chengnian SunWaterloo University, Yu JiangTsinghua University