[Textbook] |
|
The Fuzzing Book |
|
Andreas Zeller, Rahul Gopinath, Marcel Böhme, Gordon Fraser, and Christian Holler |
|
(One-line Abstract) Interactive, Jupyter-style textbook on fuzzing and automated test generation. |
|
Digital textbook available at https://www.fuzzingbook.org |
| |
[TOSEM'25] |
|
Software Security Analysis in 2030 and Beyond: A Research Roadmap |
|
Marcel Böhme, Eric Bodden, Tevfik Bultan, Cristian Cadar, Yang Liu, and Giuseppe Scanniello |
|
(One-line Abstract) Challenges and opportunities for the security analysis of our software systems of the future. |
|
ACM Transactions on Software Engineering and Methodology (Invited Paper; accepted with minor revisions). |
| |
[ICSE'25] |
|
Invivo Fuzzing by Amplifying Actual Executions |
|
Octavio Galland and Marcel Böhme |
|
(One-line Abstract) Don't attach a fuzzer using fuzz drivers! Inject a fuzzer and amplify any state. |
|
IEEE/ACM International Conference on Software Engineering 2025 (ICSE'25), 13 pages. |
| |
[ICSE'25] |
|
Accounting for Missing Events in Statistical Information Leakage Analysis |
|
Seongmin Lee, Shreyas Minocha, and Marcel Böhme |
|
(One-line Abstract) Estimating software privacy in the small sample regime. |
|
IEEE/ACM International Conference on Software Engineering 2025 (ICSE'25), 12 pages. |
| |
[USENIX Sec'24] |
|
Uncovering the Limits of Machine Learning for Automatic Vulnerability Detection |
|
Niklas Risse and Marcel Böhme |
|
(One-line Abstract) Are machine learning models for vulnerability discovery as good as they seem? |
|
USENIX Security Symposium 2024 (USENIX Sec'24), 19 pages. |
| |
[CCS'24] |
|
Testing Side-Channel Security of Crypto. Implementations Against Future Microarchitectures |
|
G. Barthe, M. Böhme, S. Cauligi, C. Chuengsatiansup, D. Genkin, M. Guarnieri, D. Romero, P. Schwabe, D. Wu, and Y. Yarom |
|
(Two-line Abstract) Turns out all tested crypto impl. are vulnerable in the presence of recently proposed microarchitectures, |
|
--- even despite of (and sometimes because of) coding idioms meant to mitigate side channels at the source code level. |
|
ACM Conference on Computer and Communications Security 2024 (CCS'24), 16 pages. |
🏆 |
Award: Our paper received the ACM SIGSAC Distinguished Paper Award. Congrats all! |
| |
[ICSE'24] |
|
Extrapolating Coverage Rate in Greybox Fuzzing |
|
Danushka Liyanage, Seongmin Lee, Chakkrit Tantithamthavorn, and Marcel Böhme |
|
(One-line Abstract) How to *predict* the coverage rate of a greybox fuzzer in the future. |
|
IEEE/ACM International Conference on Software Engineering 2024 (ICSE'24), 13 pages. |
| |
[NDSS'24] |
|
Large Language Model guided Protocol Fuzzing |
|
Ruijie Meng, Martin Mirchev, Marcel Böhme, and Abhik Roychoudhury |
|
(One-line Abstract) How to make a fuzzer ask ChatGPT about the correct structure and order of messages as specified in 100+ pages of RFC. |
|
Network and Distributed System Security Symposium (NDSS) 2024, 15 pages. |
|
Note: We published tools, data, and analysis at Zenodo (DOI 10.5281/zenodo.8373804) and https://github.com/ChatAFLndss/ChatAFL. |
|
Note: Inaugural NDSS Artifact Evaluation Committee evaluated our artifact as Available, Functional, and Reproduced! |
| |
[TSE'24] |
|
Human-in-the-loop Automatic Program Repair |
|
Charaka Geethal, Marcel Böhme, and Van-Thuan Pham |
|
(One-line Abstract) Learn2fix automatically "negotiates" with the user the condition under which the bug is observed before it repairs the bug. |
|
IEEE Transactions on Software Engineering (TSE), 2024, 24 pages. |
|
Note: Journal extension of our homonymous ICST'20 paper. |
|
Note: We publish our implementation, data, and scripts available at: https://github.com/charakageethal/learn2fix-journal-ext/. |
| |
[CACM'23] |
|
Boosting Fuzzer Efficiency: An Information Theoretic Perspective |
|
Marcel Böhme, Valentin Manès, Sang Kil Cha |
|
(One-line Abstract) Every generated input reveals some information about the program. Maximizing information maximizes efficiency.. |
|
Communications of the ACM (Vol. 66, No. 11) |
🏆 |
Award: CACM Research Highlight for the month of November. CACM is the monthly journal sent to all members of the ACM. Congrats all! |
|
Note: CACM Technical Perspective: "What's all the fuss about fuzzing?" by the amazing Gordon Fraser! |
| |
[ASE'23] |
|
Precise Data-Driven Approximation for Program Analysis via Fuzzing |
|
Nikhil Parasaram, Earl T. Barr, Sergey Mechtaev, and Marcel Böhme |
|
(One-line Abstract) Marry static analysis to over-/under-approx. the valid state space and fuzzing + stats to estimate the degree of validity. |
|
IEEE/ACM International Conference on Automated Software Engineering (ASE) 2023, 12 pages. |
|
Note: We published tools, data, and analysis at Zenodo (DOI 10.5281/zenodo.7902214). |
| |
[ESEC/FSE'23] |
|
Statistical Reachability Analysis |
|
Seongmin Lee and Marcel Böhme |
|
(One-line Abstract) Quantiative program analysis using a statistical rather than an analytical approach. |
|
ACM European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2023, 12 pages |
|
Note: We published tools, data, and analysis at Zenodo (DOI 10.5281/zenodo.7612964). |
|
Note: Artifact Evaluation Committee evaluated our artifact as Functional and Reusable! |
| |
[ICSE'23] |
|
Reachable Coverage: Estimating Saturation in Fuzzing |
|
Danushka Liyanage, Marcel Böhme, Chakkrit Tantithamthavorn, and Stephan Lipp |
|
(One-line Abstract) Estimating the maximum achievable coverage by automatic test input generation. |
|
IEEE/ACM International Conference on Software Engineering 2023 (ICSE'23), 13 pages |
|
Note: We published data, analysis, and figures at Zenodo (DOI 10.5281/zenodo.7571359). |
|
Note: Featured in the Fuzzing Weekly Newsletter (CW5). |
| |
[ICSE'23] |
|
Evaluating the Impact of Experimental Assumptions in Automated Fault Localization |
|
Ezekiel Soremekun, Lukas Kirschner, Marcel Böhme, and Mike Papadakis |
|
(One-line Abstract) Evaluating the assumptions that researchers make during debugging tool evaluations. |
|
IEEE International Conference on Software Engineering 2023 (ICSE'23), 13 pages |
|
Website: https://debugging-assumptions.github.io/ |
| |
[ISSTA'23] |
|
Green Fuzzing: A Saturation-based Stopping Criterion using Vulnerability Prediction |
|
Stephan Lipp, Daniel Elsner, Severin Kacianka, Alexander Pretschner, Marcel Böhme, Sebastian Banescu |
|
(One-line Abstract) We suggest to stop a fuzzing campaign when the coverage of potentially vulnerable code saturates. |
|
ACM SIGSOFT International Symposium on Software Testing and Analysis 2023 (ISSTA'23), 13 pages |
|
Note: We published data, analysis, and figures at Zenodo (DOI 10.5281/zenodo.7944722) and Github (https://github.com/tum-i4/green-fuzzing-artifacts). |
| |
[USENIX SEC'22] |
|
Stateful Greybox Fuzzing |
|
Jinsheng Ba, Marcel Böhme, Zahra Mirzamomen, Abhik Roychoudhury |
|
(One-line Abstract) Navigating an unknown state space by identifying and monitoring state variables values. |
|
USENIX Security Symposium (USENIX SEC) 2022, 18 pages |
|
Note: SGFuzz is available on Github: https://github.com/bajinsheng/SGFuzz |
| |
[ISSTA'22] |
|
Human-in-the-loop Oracle Learning for Semantic Bugs in String Processing Programs |
|
Charaka Geethal, Van-Thuan Pham, Aldeida Aleti, and Marcel Böhme |
|
(One-line Abstract) Learning to identify semantic bugs for string processing programs |
|
ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA'22), 11 pages |
| |
[ICSE'22] |
|
On the Reliability of Coverage-Based Fuzzer Benchmarking |
|
Marcel Böhme, Laszlo Szekeres, Jonathan Metzman |
|
(One-line Abstract) We find a strong correlation but no strong agreement on fuzzer superiority in terms of coverage versus bugs. |
|
IEEE/ACM International Conference on Software Engineering 2022 (ICSE'22), 11 pages |
|
Note: We published data, analysis, and figures at Zenodo (DOI 10.5281/zenodo.6045830) and Github (https://github.com/icse22data/). |
|
Slides @Slideshare |
| |
[ICSE'22-NIER] |
|
Statistical Reasoning about Programs |
|
Marcel Böhme |
|
(One-line Abstract) Open challenges and new research directions for automated program analysis at scale. |
|
IEEE International Conference on Software Engineering 2022: New Ideas and Emerging Results (ICSE'22 NIER), 5 pages |
|
Slides @Slideshare |
| |
[IEEE TSE'22] |
|
An Experimental Assessment of Using Theoretical Defect Predictors to Guide Search-Based Software Testing |
|
Anjana Perera, Aldeida Aleti, Burak Turhan, Marcel Böhme |
|
(One-line Abstract) What is the impact of defect predictor accuracy on defectiveness-guided test generation? |
|
IEEE Transactions on Software Engineering (TSE), 16 pages |
| |
[IEEE Software'21] |
|
Fuzzing: Challenges and Reflections |
|
Marcel Böhme, Cristian Cadar, and Abhik Roychoudhury |
|
(One-line Abstract) A resource for practitioners and researchers to learn about the main open challenges in fuzzing and symbolic execution. |
|
IEEE Software, 8 pages |
|
Note: This is the outcome of a 3-day meeting of thought leaders and rising stars, both in industry and academia.. |
|
Note: We are happy to publish these results in the premier magazine (and journal) for software practitioners. |
|
Slides @Slideshare |
| |
[ESEC/FSE'21] |
|
Estimating Residual Risk in Greybox Fuzzing |
|
Marcel Böhme, Danushka Liyanage, and Valentin Wüstholz |
|
(One-line Abstract) After 24hrs no crashes, you abort the campaign. What is the change to see a crash if you generated one more input? |
|
ACM European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2021, 12 pages |
|
Note: Congrats Danushka on his first paper. Exciting work with our industry collaborator Valentin. We are breaking new ground! |
|
Note: Our artifact (DOI 10.5281/zenodo.4970239) @ Github and Kaggle was evaluated as Available and Reusable . |
|
Shout out: Justin Campbell (Microsoft) would use this in large-scale fuzzing (OneFuzz) to maximize bug finding within the compute budget. |
| |
[CCS'21] |
|
Regression Greybox Fuzzing |
|
Xiaogang Zhu and Marcel Böhme |
|
(One-line Abstract) Once a program is well-fuzzed, most bugs found are regressions. Fuzz all commits at once, but focus on recent ones. |
|
ACM Conference on Computer and Communications Security (CCS), 13 pages |
|
Note: AFLChurn is available on Github: https://github.com/aflchurn/aflchurn. Data and evaluation are available on Kaggle |
| |
[EMSE'21] |
|
Locating faults with program slicing: an empirical analysis |
|
Ezekiel O. Soremekun, Lukas Kirschner, Marcel Böhme, and Andreas Zeller |
|
(One-line Abstract) Empirical comparison of statistical fault localization and dynamic program slicing along more realistic assumptions. |
|
Journl of Empirical Software Engineering (EMSE), 2021, 51 pages, DOI: 10.1007/s10664-020-09931-7 |
|
Note:Congrats to Ezekiel, Lukas, and Andreas! Ezekiel started this work with when I was still a PostDoc in Andreas' team. |
|
Note:Our artifact and the steps to reproduce our results are available at 10.6084/m9.figshare.13369400.v1. |
| |
[ESEC/FSE'20] |
|
Boosting Fuzzer Efficiency: An Information Theoretic Perspective |
|
Marcel Böhme, Valentin J.M. Manès, Sang Kil Cha |
|
(One-line Abstract) Every generated input reveals some information about the program. Maximizing information maximizes efficiency. |
|
ACM European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2020, 12 pages |
|
Note: Our artifact @ 10.6084/m9.figshare.12415622, and description @ ROSE was evaluated as Available and Reusable . |
|
Note: Entropic is now the default power schedule in LibFuzzer which powers Google's OSSFuzz and Microsoft's OneFuzz! |
|
Note: An evaluation of a time-boosted Entropic version against other fuzzers is available on https://www.fuzzbench.com! |
|
Update: Running Chrome? Entropic is now also looking for security vulnerabilities in Chrome on 25k machines every day @ Clusterfuzz! |
🏆 |
Award: Our paper received the ACM SIGSOFT Distinguished Paper Award. Congrats Valentin and Sang Kil! |
🏆 |
Award: Our Entropic paper is the new ACM SIGSOFT Research Highlight. Congrats Valentin and Sang Kil! |
|
Slides @Slideshare |
| |
[ESEC/FSE'20] |
|
Fuzzing: On the Exponential Cost of Vulnerability Discovery |
|
Marcel Böhme, Brandon Falk |
|
(One-line Abstract) Exponentially increase #machines, discover linearly more #vulns in, e.g., 24h, but discover *all* vulns exponentially faster. |
|
ACM European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) 2020, 12 pages |
|
Note: Our artifact @ 10.6084/m9.figshare.11911287.v1 was evaluated as Available . |
|
Update: Our data, empirical evaluation, and simulation study are available @ https://www.kaggle.com. Test our laws by adding your own data! |
|
Pingback: Paper reviews and commentary from Alastair Reid, Clint Gibler, Nat Torkington, Benoit Hamelin, and Zac Hatfield-Dodds. |
|
Award Nomination: Our paper was nominated for the ACM SIGSOFT Distinguished Paper Award (2x Accept, 1x Award Quality)! |
|
Slides @Slideshare |
| |
[ICSE'20] |
|
Time-Travel Testing of Android Apps |
|
Zhen Dong, Marcel Böhme, Lucia Cojocaru, Abhik Roychoudhury |
|
(One-line Abstract) Automatic testing of Android apps by restoring the most progressive previously visited state once progress is slow. |
|
ACM/IEEE International Conference on Software Engineering 2020 (ICSE'20), 12 pages |
|
Note: Our artifact @ 10.5281/zenodo.3672076 and description @ ROSE was evaluated as Available and Reusable . |
|
Note: TimeMachine which implements time-travel testing for Android available on Github: https://github.com/DroidTest/TimeMachine! |
|
Update: TimeMachine 2.0 released: https://github.com/DroidTest/TimeMachine/releases/tag/v2.0.0! |
|
TL;DR This quick animation captures nicely the key idea of time-travel testing. |
🏆 |
Award: Our paper won the ACM SIGSOFT Distinguished Paper Award. Congrats Zhen, Lucia, and Abhik! |
| |
[ICSE'20] |
|
HyDiff: Hybrid Differential Software Analysis |
|
Y. Noller, C. Păsăreanu, M. Böhme, Y. Sun, H. Nguyen, and L. Grunske |
|
(One-line Abstract) Differential analysis (e.g., to find regressions, side-channels, or adverserial examples) using greybox fuzzing and symex. |
|
ACM/IEEE International Conference on Software Engineering 2020 (ICSE'20), 13 pages |
|
Note: Our artifact @ 10.5281/zenodo.3627893" and description @ ROSE was evaluated as Available and Reusable . |
|
Note: HyDiff tool and evaluation is available on Github: https://github.com/yannicnoller/hydiff! |
| |
[ICST'20] |
|
Human-In-The-Loop Automatic Program Repair |
|
Marcel Böhme, Charaka Geethal, and Van-Thuan Pham |
|
(One-line Abstract) Learn2fix automatically "negotiates" with the user the condition under which the bug is observed before it repairs the bug. |
|
IEEE International Conference on Software Testing, Verification and Validation 2020 (ICST'20), 10 pages |
|
Note: Learn2Fix, experimental setup, data, and R scripts available on Github: https://github.com/mboehme/learn2fix! |
|
Update: Our work has been featured in the IEEE Software Practitioner's Digest. Congrats Charaka and Thuan! |
| |
[ASE'20] |
|
Defect Prediction Guided Search-Based Software Testing |
|
Anjana Perera, Aldeida Aleti, Marcel Böhme, and Burak Turhan |
|
(One-line Abstract) Allocate more testing budget to program locations that are more likely defective. |
|
35th IEEE/ACM International Conference on Automated Software Engineering (ASE) 2020, 13 pages |
|
Note: This is the first paper of Anjana (main and co-supervised with Aldeida and Burak). Congrats Anjana! |
|
Note: The SBST-DPG tool and experimental data are available on Github: https://github.com/SBST-DPG! |
| |
[ICST'20 Testing Tool] |
|
AFLNet: A Greybox Fuzzer for Network Protocols |
|
Van-Thuan Pham, Marcel Böhme, Abhik Roychoudhury |
|
(One-line Abstract) Implementation to maximize coverage of a protocol's code and state space with lightweight protocol learning. |
|
IEEE International Conference on Software Testing, Verification and Validation 2020 (ICST'20), Testing Tool Track, 6 pages |
|
Note: AFLNet is available at https://github.com/aflnet/aflnet. |
| |
[TSE'19] |
|
Smart Greybox Fuzzing |
|
Van-Thuan Pham, Marcel Böhme, Andrew E. Santosa, Alexandru R. Căciulescu, and Abhik Roychoudhury |
|
(One-line Abstract) Makes greybox fuzzing aware of input structure, handles corrupted inputs, and maximizes input validity. |
|
IEEE Transactions on Software Engineering, 17 pages (subject to minor revisions) |
|
Note: AFLSmart which implements directed greybox fuzzing into AFL is available at https://github.com/aflsmart/aflsmart. |
|
Note: Interactive tutorial explaining the algorithms behind AFLSmart: https://www.fuzzingbook.org/html/GreyboxGrammarFuzzer.html. |
|
In the News: @Security Week, @The Register, @Nacked Security. |
| |
[ICSE'19] |
|
Assurance in Software Testing: A Roadmap |
|
Marcel Böhme |
|
(One-line Abstract) Open challenges and new research directions for the automated software testing research community. |
|
IEEE International Conference on Software Engineering 2019: New Ideas and Emerging Results (ICSE'19 NIER), 4 pages |
|
Note: Presented at KAIST, Korea hosted by Prof Shin Yoo. |
|
Note: Presented at NUS, Singapore hosted by Prof Abhik Roychoudhury. |
|
Slides @Slideshare |
| |
[TOSEM'18] |
|
STADS: Software Testing as Species Discovery |
|
Marcel Böhme |
|
(One-line Abstract) A well-established statistical framework from ecology for the well-grounded extrapolation from tested program behaviors. |
|
ACM Transactions on Software Engineerung and Methodology (TOSEM), to appear. |
|
Note: Pythia which extends AFL with estimations is available at https://github.com/mboehme/pythia. |
|
Note: Selected as journal-first contribution to be presented at ESEC/FSE 2018. |
|
Note: Larger vision to be presented at ICSE'19 New Ideas and Emerging Results (NIER) track! |
|
Update: Interactive tutorial explaining When to Stop Fuzzing: https://www.fuzzingbook.org/html/WhenToStopFuzzing.html! |
|
Pingback: Mark Griffin of ForAllSecure on When to Stop Fuzzing (Tweet): Only stop when coverage plateaus to improve the fuzz driver. |
|
Pingback: Bhargava Shastry of Ethereum Foundation asking Can Good-Turing Frequency Estimation Tell Us When to Stop Fuzzing? |
|
Pingback: William Woodruff of Trail of Bits mentions STADS in Fuzzing 101. |
| |
[ESEC/FSE'18] |
|
Verifying the Long-Run Behavior of Probabilistic System Models in the Presence of Uncertainty |
|
Yamilet R.S. Llerena, Marcel Böhme, Marc Brünink, Guoxin Su, and David S. Rosenblum |
|
(One-line Abstract) Acccounting for modelling uncertainty when analyzing steady-state properties of a stochastic system modelled as DTMC. |
|
ACM Joint European Software Engineering Conference and
Symposium on the Foundations of Software Engineering (ESEC/FSE) 2018 |
| |
[TSE'18] |
|
Coverage-based Greybox Fuzzing as Markov Chain |
|
Marcel Böhme, Van-Thuan Pham, and Abhik Roychoudhury |
|
(One-line Abstract) Efficient path exploration without program analysis |
|
IEEE Transactions on Software Engineering (TSE) 2018; DOI: 10.1109/TSE.2017.2785841, 18 pages. |
|
Note: A shorter version appears in the Proceedings of the ACM Conference on Computer and Communications Security (CCS) 2016 |
|
Note: AFLFast, our extension of AFL is available as a fork at https://github.com/mboehme/aflfast. |
|
Note: AFLFast has been evaluated by the community which finds 6 unique flaws in Perl and several bugs in Erlang VM. |
|
Note: AFLFast finds > 40 crashes in GNU Binutils and Coreutils. Pádraig Brady, Coreutils maintainer, highlights our research! |
|
Note: Google Security awards USD 2000 in bug bounties for vulnerabilities reported in [CCS'16] found by AFLFast! |
|
Update: Interactive tutorial explaining the algorithms behind AFL and AFLFast: https://www.fuzzingbook.org/html/GreyboxFuzzer.html! |
| |
[EMSE'18] |
|
A Correlation Study between Automated Program Repair and Test-Suite Metrics |
|
Jooyong Yi, Shin Hwei Tan, Sergey Mechtaev, Marcel Böhme, and Abhik Roychoudhury |
|
(One-line Abstract) Established test suite metrics are good predictors of the feasibility and quality of auto-generated repairs. |
|
Empirical Software Engineering Journal (Special Issue on Automated Program Repair), pp. 2948–2979. |
|
Note: Selected as Journal-First contribution to be presented at ICSE 2018! |
| |
[CCS'17] |
|
Directed Greybox Fuzzing |
|
Marcel Böhme, Van-Thuan Pham, Manh-Dung Nguyen, and Abhik Roychoudhury |
|
(One-line Abstract) Outperforming directed symbolic execution using simulated annealing and a novel distance metric that is pre-computed. |
|
24th ACM Conference on Computer and Communications Security (CCS) 2017, Accepted for publication. |
|
Note: AFLGo which implements directed greybox fuzzing into AFL is available at https://github.com/aflgo/aflgo. |
|
Update: Interactive tutorial explaining the algorithms behind AFL and AFLGo: https://www.fuzzingbook.org/html/GreyboxFuzzer.html! |
|
Slides @Slideshare, Presentation (ACM CCS'17) @Youtube |
| |
| |
[ESEC/FSE'17] |
|
Where is the Bug and How is it Fixed? An Experiment with Practitioners |
|
Marcel Böhme, Ezekiel O. Soremekun, Sudipta Chattopadhyay, Emamurho Ugherughe, and Andreas Zeller |
|
(One-line Abstract) Practitioners provide that output (e.g., fault locations) which automated debugging/repair tools ought to provide. |
|
Joint meeting of the European Software Engineering Conference and
the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) 2017, pp. 117-128 |
|
Note: A shorter version "How Developers Debug Software: The DBGBENCH Dataset" appeared as poster at ICSE'17. |
|
Note: Learn more at https://dbgbench.github.io/. |
|
Update: ESEC/FSE'17 Artifact Evaluation Committee awarded highest badge for DBGBENCH! |
| |
[ASE'17] |
|
Detecting Information Flow by Mutating Input Data |
|
Björn Matthis, Vitalii Avdiienko, Ezekiel O. Soremekun, Marcel Böhme, and Andreas Zeller |
|
(One-line Abstract) Information flow between a source so and a sink si exists if a perturbation of the information at so is observable at si. |
|
32nd IEEE/ACM International Conference on Automated Software Engineering (ASE) 2017, pp. 263-273 |
|
Note: This is the result of the first BSc. thesis that I handed out as a PostDoc at Saarland University, Germany. Congrats Björn! |
| |
[CCS'16] |
|
Coverage-based Greybox Fuzzing as Markov Chain |
|
Marcel Böhme, Van-Thuan Pham, and Abhik Roychoudhury |
|
(One-line Abstract) Effective path exploration without program analysis |
|
23rd ACM Conference on Computer and Communications Security (CCS) 2016. pp. 1032-1043 |
|
Note: The journal extension has been accepted at the SE flagship journal IEEE TSE! |
| |
[ASE'16] |
|
Model-based Whitebox Fuzzing for Program Binaries |
|
Van-Thuan Pham, Marcel Böhme, and Abhik Roychoudhury |
|
(One-line Abstract) Symbolic execution for programs that take complex file inputs (e.g, PDF or PNG). |
|
31st IEEE/ACM International Conference on Automated Software Engineering (ASE) 2016. pp. 552-562 |
| |
[TSE'15] |
|
A Probabilistic Analysis of the Efficiency of Automated Software Testing |
|
Marcel Böhme and Soumya Paul |
|
(One-line Abstract) Even the most effective technique is inefficient vs. random testing if generating a test case takes relatively too long. |
|
IEEE Transactions on Software Engineering (TSE) 2015. Accepted for publication. DOI 10.1109/TSE.2015.2487274 |
|
Note: A shorter version "On the Efficiency of Automated Testing" appears in the Proceedings of FSE'14 |
|
Note: An even shorter version "Über die Effizienz des Automatischen Testens" appears in German in the Proceedings of SE'15. |
|
Note: Invited to talk about testing efficiency at UCL in London, SUTD in S'pore, NTU in S'pore, TU Darmstadt, and Saarland University. |
|
Update: Ranked among Top-50 most popular IEEE TSE articles for 6 months! [1,2,3,4,5,6] |
| |
[DISSERTATION] |
|
Automated Regression Testing and Verification of Complex Code Changes |
|
Marcel Böhme |
|
Thesis submitted for the degree of Doctor of Philosophy (PhD), Department of Computer Science, National University of Singapore PhD Defense in July'14 |
| |
[FSE'14] |
|
On the Efficiency of Automated Testing |
|
Marcel Böhme and Soumya Paul |
|
(One-line Abstract) Software Testing as Probabilistic Verification and its efficiency vis-à-vis random testing. |
|
22nd ACM SIGSOFT International Symposium on the Foundations of Software Engineering (FSE) 2014, pp. 632-642 |
|
Note: A short version "Über die Effizienz des Automatischen Testens" appears in German in the Proceedings of SE'15. |
| |
[ISSTA'14] |
|
CoREBench: Studying Complexity of Regression Errors |
|
Marcel Böhme and Abhik Roychoudhury |
|
(One-line Abstract) A benchmark and the quantitative difference between simple and complex errors. |
|
23rd ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA) 2014, pp. 398-408 |
|
Note: Check out CoREBench - a collection of 70 real regression errors. Found to exceed expectations by the AEC. |
|
Note: Making Top10 most downloaded articles in the past 3 months in ACM Software Engineering Notes, Nov'14. |
| |
[ESEC/FSE'13] |
|
Regression Tests to Expose Change Interaction Errors |
|
Marcel Böhme, Bruno C.d.S. Oliveira, and Abhik Roychoudhury |
|
(One-line Abstract) A new class of errors in evolving software and a technique to expose them. |
|
Joint meeting of the European Software Engineering Conference and
the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE) 2013, pp. 339-349 |
| |
[ICSE'13] |
|
Partition-based Regression Verification |
|
Marcel Böhme, Bruno C.d.S. Oliveira, and Abhik Roychoudhury |
|
(One-line Abstract-1) Dynamic Semantic Differencing using Regression Test Generation and Input Partitioning.
(One-line Abstract-2) The Practicability of Regression Testing and the Guarantees of Regression Verification. |
|
ACM/IEEE International Conference on Software Engineering (ICSE) 2013, pp.300-309 |
|
Note: The technical report, containing proofs for theorems 1 and 2, will be provided on demand.
|
| |
[ADCOM'13] |
|
Regression Testing of Evolving Programs |
|
Marcel Böhme, Abhik Roychoudhury, and Bruno C.d.S. Oliveira |
|
(One-line Abstract) Review and survey of recent advances in the testing of evolving programs. |
|
Advances in Computers, Elsevier, 2013, Volume 89, Chapter 2, pp.53-88 |
| |
[ICSE'12] |
|
Software Regression as Change of Input Partitioning |
|
Marcel Böhme |
|
(One-line Abstract) My doctoral research agenda. |
|
ACM/IEEE International Conference on Software Engineering (ICSE) 2012, pp.1523-1526 |
| |