Abstract
Methods, systems, and computer-readable media having computer-executable instructions embodied thereon that, when executed, perform methods in accordance with embodiments hereof, for emulating behavior of a target program to identify defects therein. Emulation includes recording a trace file upon running machine-level instructions of the target program, collecting relevant events encountered upon replaying the trace file, expressing the relevant events as symbolic constraints, and solving the symbolic constraints for variant input parameters. Injecting the variant input parameters into the trace file causes the target program to follow various control paths, allowing for systematically searching the target program for defects. The procedure for security testing above can be repeated by employing a search-strategy algorithm that selects optimal control paths of the target program to evaluate. Accordingly, the search-strategy algorithm induces the target program to follow the optimal control paths such that an optimal portion of the target program is explored for defects.
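The loop the abstract describes (record a trace, express branch events as constraints, solve for variant inputs, pick which path to explore next) can be shown on a toy target. This is an added illustration, not the patent's implementation: the target `run`, the byte-equality constraints that make "solving" a single byte assignment, and the new-coverage score used as the search strategy are all assumptions chosen to keep the example small.

```python
import heapq

MAGIC = b"bad!"  # constructed target: the defect needs all four bytes to match

def run(data):
    """Execute the toy target, recording each input-dependent branch in a trace."""
    trace, hits = [], 0
    for i, ch in enumerate(MAGIC):
        taken = data[i] == ch
        trace.append((i, ch, taken))  # constraint "data[i] == ch" and its outcome
        hits += taken
    return trace, hits == len(MAGIC)  # (trace, defect reached?)

def solve_negated(data, trace, k):
    """Flip constraint k; earlier constraints touch other bytes, so they still hold."""
    i, ch, taken = trace[k]
    variant = bytearray(data)
    variant[i] = ch ^ 0xFF if taken else ch  # a byte != ch, or exactly ch
    return bytes(variant)

def search(seed, max_runs=64):
    """Expand the input whose run covered the most new branch outcomes first."""
    covered, heap, runs = set(), [], 0

    def execute(data, bound):
        nonlocal runs
        trace, defect = run(data)
        runs += 1
        outcomes = {(i, taken) for i, _, taken in trace}
        score = len(outcomes - covered)
        covered.update(outcomes)
        heapq.heappush(heap, (-score, runs, data, bound, trace))
        return defect

    if execute(seed, 0):
        return seed, runs
    while heap and runs < max_runs:
        _, _, data, bound, trace = heapq.heappop(heap)
        for k in range(bound, len(trace)):  # bound avoids re-deriving old variants
            child = solve_negated(data, trace, k)
            if execute(child, k + 1):
                return child, runs
    return None, runs

if __name__ == "__main__":
    print(search(b"good"))
```

Starting from the seed `b"good"`, the search reaches the defect-triggering input without ever generating the same variant twice, so it needs at most one run per distinct path of the toy target.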