Mining input grammars from dynamic taints
Knowing which part of a program processes which parts of an input can reveal the structure of the input as well as the structure of the program. In a URL http://www.example.com/path/, for instance, the protocol http, the host www.example.com, and the path path would be handled by different functions...
Uložené v:
| Vydané v: | Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering s. 720 - 725 |
|---|---|
| Hlavní autori: | , |
| Médium: | Konferenčný príspevok.. |
| Jazyk: | English |
| Vydavateľské údaje: |
ACM
01.09.2016
|
| Predmet: | |
| On-line prístup: | Získať plný text |
| Tagy: |
Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
|
| Abstract | Knowing which part of a program processes which parts of an input can reveal the structure of the input as well as the structure of the program. In a URL http://www.example.com/path/, for instance, the protocol http, the host www.example.com, and the path path would be handled by different functions and stored in different variables. Given a set of sample inputs, we use dynamic tainting to trace the data flow of each input character, and aggregate those input fragments that would be handled by the same function into lexical and syntactical entities. The result is a context-free grammar that reflects valid input structure. In its evaluation, our AUTOGRAM prototype automatically produced readable and structurally accurate grammars for inputs like URLs, spreadsheets or configuration files. The resulting grammars not only allow simple reverse engineering of input formats, but can also directly serve as input for test generators. |
|---|---|
| AbstractList | Knowing which part of a program processes which parts of an input can reveal the structure of the input as well as the structure of the program. In a URL http://www.example.com/path/, for instance, the protocol http, the host www.example.com, and the path path would be handled by different functions and stored in different variables. Given a set of sample inputs, we use dynamic tainting to trace the data flow of each input character, and aggregate those input fragments that would be handled by the same function into lexical and syntactical entities. The result is a context-free grammar that reflects valid input structure. In its evaluation, our AUTOGRAM prototype automatically produced readable and structurally accurate grammars for inputs like URLs, spreadsheets or configuration files. The resulting grammars not only allow simple reverse engineering of input formats, but can also directly serve as input for test generators. |
| Author | Zeller, Andreas Hoschele, Matthias |
| Author_xml | – sequence: 1 givenname: Matthias surname: Hoschele fullname: Hoschele, Matthias email: hoeschele@cs.uni-saarland.de organization: Saarland Inf. Campus, Saarland Univ., Saarbrucken, Germany – sequence: 2 givenname: Andreas surname: Zeller fullname: Zeller, Andreas email: zeller@cs.uni-saarland.de organization: Saarland Inf. Campus, Saarland Univ., Saarbrucken, Germany |
| BookMark | eNotjj1PwzAUAI0EElAyM7B4ZUh5frZje0QVX1IRC8zVs_NSGRG3isPQf08RTDecdLpLcVp2hYW4VrBUytg7DA7QdctfalQnognOHwVo7Y2156Kp9RMAELugES_E7WsuuWxlLvvvWW4nGkeaqhym3Sj7Q6ExJzlTLnO9EmcDfVVu_rkQH48P76vndv329LK6X7eExs0tBRsDhKRUiga1ZU7kiawK7JMfXGe0NmD7EBUM0TNb3yMkNIyaI_V6IW7-upmZN_spH4cOG2c9enD6B1cXQWA |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1145/2970276.2970321 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781450338455 1450338453 |
| EndPage | 725 |
| ExternalDocumentID | 7582807 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL ACM ALMA_UNASSIGNED_HOLDINGS APO CBEJK GUFHI LHSKQ RIE RIL |
| ID | FETCH-LOGICAL-a247t-a95b909c11cb4235eeca8aa519e8c8f76433405d9b10fb8ee58d20c24e23ebad3 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 81 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000390237000071&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| IngestDate | Wed Aug 27 01:41:41 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-a247t-a95b909c11cb4235eeca8aa519e8c8f76433405d9b10fb8ee58d20c24e23ebad3 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_7582807 |
| PublicationCentury | 2000 |
| PublicationDate | 2016-Sept. |
| PublicationDateYYYYMMDD | 2016-09-01 |
| PublicationDate_xml | – month: 09 year: 2016 text: 2016-Sept. |
| PublicationDecade | 2010 |
| PublicationTitle | Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering |
| PublicationTitleAbbrev | ASE |
| PublicationYear | 2016 |
| Publisher | ACM |
| Publisher_xml | – name: ACM |
| SSID | ssj0002269322 |
| Score | 2.011505 |
| Snippet | Knowing which part of a program processes which parts of an input can reveal the structure of the input as well as the structure of the program. In a URL... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 720 |
| SubjectTerms | context-free grammars dynamic tainting fuzzing Grammar Input formats Instruments Java Ports (Computers) Protocols Software Uniform resource locators |
| Title | Mining input grammars from dynamic taints |
| URI | https://ieeexplore.ieee.org/document/7582807 |
| WOSCitedRecordID | wos000390237000071&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwED2VioEJUIv4lgcWJNLGjmMnM6JigKoDSN0qf1ykDqRVm_D760uiwMDCZMuLZXm49-7u3QN48JzTHKkkQgxcVaJUkaEui0R4x23qnWyFwm96Ps-Wy3wxgKdeC4OITfMZTmjb1PL9xtWUKptqqvGQdPxIa9Vqtfp8SoARAYqIbnoPl-lU5DpwLjWhNaFZoL_sU5roMTv9371nMP6R4bFFH2DOYYDlCB7fG0sHti63dcWot-orcFNGMhHmW3t5RnS_2o_hc_by8fwadX4HkRFSV5HJU5vHuePc2YByUkRnMmMCxsLMZYUO4CEJ-MrnlseFzRDTzIvYCYkiQWt8cgHDclPiJTBjRYHKilirQtqY_A5DZMfCOGG55f4KRvTM1bYdabHqXnj99_ENnAScoNrWqlsYVrsa7-DYfVfr_e6--YcD4vaJaw |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwED1VBQkmQC2C8uWBBYm0seN8zYiqiDTqUKRulT8uUgfSqk35_fiSqDCwMNnyYlke7r27e_cAHi3nNEcq8BAdV5UoI09Rl0UgrOE6tEY2QuEszvNksUhnHXg-aGEQsW4-wyFt61q-XZs9pcpGMdV4SDp-RM5ZrVrrkFFxQMKBEdHO7-EyHIk0dqwrGtIa0DTQXwYqdfwYn_3v5nPo_wjx2OwQYi6gg2UPnqa1qQNblZt9xai76tOxU0ZCEWYbg3lGhL_a9eFj_Dp_mXit44GnhIwrT6WhTv3UcG60wzkholGJUg5lYWKSInbwIXAIy6aa-4VOEMPECt8IiSJArWxwCd1yXeIVMKVFgZEWfhwVUvvkeOhiOxbKCM01t9fQo2cuN81Qi2X7wsHfxw9wMplPs2X2lr_fwKlDDVHTaHUL3Wq7xzs4Nl_Vare9r__kGz97jLQ |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+of+the+31st+IEEE%2FACM+International+Conference+on+Automated+Software+Engineering&rft.atitle=Mining+input+grammars+from+dynamic+taints&rft.au=Hoschele%2C+Matthias&rft.au=Zeller%2C+Andreas&rft.date=2016-09-01&rft.pub=ACM&rft.spage=720&rft.epage=725&rft_id=info:doi/10.1145%2F2970276.2970321&rft.externalDocID=7582807 |