Journal ArticleOPEN ACCESS

A Survey of Search Strategies in the Dynamic Symbolic Execution

  • Liu Y
  • Zhou X
  • Gong W
ITM Web of Conferences (2017) 12 03025
DOI: 10.1051/itmconf/20171203025
N/ACitations
Citations of this article
10Readers
Mendeley users who have this article in their library.

Abstract

Dynamic symbolic execution (DSE) is an important way to discover software vulnerabilities. One key challenge in DSE is to find proper paths in the huge program execution space to generate effective inputs. Currently, the main search strategies used for DSE include classical search strategy, heuristic search strategy, and pruning redundance strategy. This paper reviews and compares the main search strategies of DSE in recent years, including the Generational strategy, CarFast, Control-Flow Directed Search, Fitness-Guided Search strategy, Context-Guided Search strategy, RWset technique and Veritesting.

Cite

CITATION STYLE

APA

Liu, Y., Zhou, X., & Gong, W.-W. (2017). A Survey of Search Strategies in the Dynamic Symbolic Execution. ITM Web of Conferences, 12, 03025. https://doi.org/10.1051/itmconf/20171203025

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free