Litcius/Paper detail

Exploiting Library Vulnerability via Migration Based Automating Test Generation

Zirui Chen, Xing Hu, Xin Xia, 義典 橘高, Tongtong Xu, David Lo, Xiaohu Yang

202411 citationsDOI

Abstract

In software development, developers extensively utilize third-party libraries to avoid implementing existing functionalities. When a new third-party library vulnerability is disclosed, project maintainers need to determine whether their projects are affected by the vulnerability, which requires developers to invest substantial effort in assessment. However, existing tools face a series of issues: static analysis tools produce false alarms, dynamic analysis tools require existing tests and test generation tools have low success rates when facing complex vulnerabilities.

Topics & Concepts

Computer scienceVulnerability (computing)Vulnerability assessmentTest (biology)Software engineeringSoftware testingSoftwareComputer securityOperating systemPsychologyPaleontologyPsychotherapistBiologyPsychological resilienceSoftware Testing and Debugging TechniquesAdvanced Malware Detection TechniquesSoftware Reliability and Analysis Research