, Pin: building customized program analysis tools with dynamic instrumentation, PLDI '05: Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation, pp.190-200, 2005.
, An infrastructure for adaptive dynamic optimization, International Symposium on Code Generation and Optimization, 2003. CGO 2003., pp.265-275, 2003.
DOI : 10.1109/CGO.2003.1191551
, How to shadow every byte of memory used by a program, Proceedings of the 3rd international conference on Virtual execution environments , VEE '07, pp.65-74, 2007.
DOI : 10.1145/1254810.1254820
, Process tracing using ptrace, 2002.
, Understanding data lifetime via whole system simulation, SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium, pp.22-22, 2004.
, Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software, Proceedings of the Network and Distributed System Security Symposium (NDSS 2005), 2005.
, A fullynon-transparent approach to the code location problem, SCOPES '08: Proceedings of the 11th International Workshop on Software & Compilers for Embedded Systems, pp.61-68, 2008.
, Address-space layout randomization using code islands, Journal of Computer Security, vol.17, issue.3, pp.331-362, 2009.
DOI : 10.3233/JCS-2009-0322
, A threshold of ln n for approximating set cover, Journal of the ACM, vol.45, issue.4, pp.634-652, 1998.
DOI : 10.1145/285055.285059
, How smart is Intelligent Fuzzing -or -How stupid is Dumb Fuzzing, 2007.
, An empirical study of the reliability of UNIX utilities, Communications of the ACM, vol.33, issue.12, pp.32-44, 1990.
DOI : 10.1145/96267.96279
, Open Source Fuzzing Tools, 2007.
, Expanding human interactions for in-depth testing of web applications, 11th Symposium on Recent Advances in Intrusion Detection ? Also published as LNCS, 2008.
, Mutation-Based Testing of Buffer Overflow Vulnerabilities, 2008 32nd Annual IEEE International Computer Software and Applications Conference, pp.979-984, 2008.
DOI : 10.1109/COMPSAC.2008.123
, Fuzzing for Software Security Testing and Quality Assurance, 2008.
, Fuzzing: Brute Force Vulnerability Discovery, 2007.
, SNOOZE: Toward a Stateful NetwOrk prOtocol fuzZEr, Lecture Notes in Computer Science, pp.343-358, 2006.
DOI : 10.1007/11836810_25
, KiF, Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, IPTComm '07, pp.47-56, 2007.
DOI : 10.1145/1326304.1326313
URL : https://hal.archives-ouvertes.fr/inria-00166947
, PROTOS Test-Suite: c07-sip, 2005.
, Valgrind, ACM SIGPLAN Notices, vol.42, issue.6, pp.89-100, 2007.
DOI : 10.1145/1273442.1250746
, How to do a million watchpoints: Efficient debugging using dynamic instrumentation, " in CC, ser, Lecture Notes in Computer Science, vol.4959, pp.147-162, 2008.
, FiG: Automatic Fingerprint Generation, The 14th Annual Network & Distributed System Security Conference, 2007.
, Towards automatic discovery of deviations in binary implementations with applications to error detection and fingerprint generation, SS'07: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, pp.1-16, 2007.
, Dispatcher, Proceedings of the 16th ACM conference on Computer and communications security, CCS '09, 2009.
DOI : 10.1145/1653662.1653737
, A data-driven finite state machine model for analyzing security vulnerabilities, Dependable Systems and Networks, 2003. Proceedings. 2003 International Conference on, pp.605-614, 2003.
, Practical taint-based protection using demand emulation, ACM SIGOPS Operating Systems Review, vol.40, issue.4, pp.29-41, 2006.
DOI : 10.1145/1218063.1217939
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.136.3857
, Secure program execution via dynamic information flow tracking, ASPLOS-XI: Proceedings of the 11th international conference on Architectural support for programming languages and operating systems, pp.85-96, 2004.
, Flayer: exposing application internals, WOOT '07: Proceedings of the first USENIX workshop on Offensive Technologies, pp.1-9, 2007.
, EXE: A System for Automatically Generating Inputs of Death Using Symbolic Execution, Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS), 2006.
, A Smart Fuzzer for x86 Executables, Third International Workshop on Software Engineering for Secure Systems (SESS'07: ICSE Workshops 2007), p.7, 2007.
DOI : 10.1109/SESS.2007.1
, Feedbackdirected random test generation, ICSE'07, Proceedings of the 29th International Conference on Software Engineering, pp.75-84, 2007.
, Grammar-based Whitebox Fuzzing, PLDI'2008: ACM SIGPLAN 2008 Conference on Programming Language Design and Implementation, 2008.
, The Evolving Art of Fuzzing, 2006.
, Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp.477-486, 2007.
DOI : 10.1109/ACSAC.2007.27
, Detecting Communication Protocol Security Flaws by Formal Fuzz Testing and Machine Learning, FORTE '08: Proceedings of the 28th IFIP WG 6.1 international conference on Formal Techniques for Networked and Distributed Systems, pp.299-304, 2008.
DOI : 10.1016/j.compeleceng.2006.06.001