TITLE: Bending Fuzzers to One’s Own Will
ABSTRACT:
Software bugs affect the security, reliability, and performance of critical software systems that much of our society depends on. The predominant form of ensuring software quality in practice is via testing. Although software developers have considerable domain expertise, handcrafted test cases often fail to catch corner-case bugs. Automated testing techniques such as random fuzzing have become popular for discovering unexpected inputs that cause certain programs to crash. However, their effectiveness as push-button tools is limited when the test program, the input format, or the testing objective becomes complex.
In this talk, I will describe novel program analysis and fuzzing techniques that make automated testing tools smarter by leveraging the domain knowledge of software developers. These techniques draw upon external artifacts ranging from existing functional tests to explicitly provided specifications. The corresponding research tools such as JQF+Zest, PerfFuzz, and FuzzFactory have uncovered new classes of software bugs that are beyond the reach of prior work, helped identify security vulnerabilities in real-world software that runs on billions of devices, been adopted by firms such as Netflix and Samsung, and been commercialized as services by startups.
BIO:
Rohan Padhye is a Ph.D. candidate in computer science at the University of California, Berkeley. Padhye’s research focuses on dynamic program analysis and automated test-input generation. Complementing his doctoral work, Padhye spent a summer each at Microsoft Research and Samsung Research America, developing techniques to automatically find software bugs in large-scale production systems. He is the recipient of an ACM SIGSOFT Distinguished Paper Award, a Distinguished Artifact Award, a Tool Demonstration Award, and an SOSP Best Paper Award. Padhye is also the lead designer of the ChocoPy programming language, which underpins the undergraduate compilers course at Berkeley. He previously worked full time at IBM Research and holds a master’s degree from IIT Bombay.