Input Inference Alessio Gambi

News

16.06.2017

Poster Session and Demos

We have a date and a place for the final poster session and demos:

Rooms 001/002 @ CISPA, on Wed, 19th of July 2017

The session will start at 12:15 and go on for about 2 hours, till 14:15, to let as many people from CISPA to pass along and talk to... Read more

We have a date and a place for the final poster session and demos:

Rooms 001/002 @ CISPA, on Wed, 19th of July 2017

The session will start at 12:15 and go on for about 2 hours, till 14:15, to let as many people from CISPA to pass along and talk to you.

Students will be provided with a poster stand and a table to run the demo (if they have one).

 

14.06.2017

Learning to Fuzz: Application-Independent Fuzz Testing with Probabilistic, Generative Models of ...

J. Patra, and M. Pradel,
"Learning to Fuzz: Application-Independent Fuzz Testing with Probabilistic, Generative Models of Input Data,"
ECOOP 2016 Poster and Technical Report

Technical Report available at: http://mp.binaervarianz.de/TreeFuzz_TR_Nov2016.pdf

14.06.2017

Learn & Fuzz: Machine Learning for Input Fuzzing

P. Godefroid, H. Peleg, and R. Singh
"Learn & Fuzz: Machine Learning for Input Fuzzing,"
Technical Report, 2017

Available at: https://www.microsoft.com/en-us/research/publication/learnfuzz-machine-learning-for-input-fuzzing/

14.06.2017

Automatic and Lightweight Grammar Generation for Fuzz Testing

S. Y. Kim, S. Cha, and D.H.Bae
"Automatic and Lightweight Grammar Generation for Fuzz Testing,"
Computers & Security, Volume 36, 2013, Pages 1-11

DOI: 10.1016/j.cose.2013.02.001

17.05.2017

Semi-valid Input Coverage for Fuzz Testing

The second paper for the double session that will take place on 14th June is:

P. Tsankov, M. T. Dashti, and D. Basin,
"Semi-valid input coverage for fuzz testing,"
in Proceedings of the International Symposium on Software Testing and Analysis, ISSTA... Read more

The second paper for the double session that will take place on 14th June is:

P. Tsankov, M. T. Dashti, and D. Basin,
"Semi-valid input coverage for fuzz testing,"
in Proceedings of the International Symposium on Software Testing and Analysis, ISSTA 2013

DOI: https://doi.org/10.1145/2483760.2483787

 
17.05.2017

Grammar-based Whitebox Fuzzing

The first paper for the double session that will take place on 14th June is:

P. Godefroid, A. Kiezun, and M. Y. Levin,
"Grammar-based whitebox fuzzing,"
in Proceedings of the Conference on Programming Language Design and Implementation, PLDI '08.

DOI: ... Read more

The first paper for the double session that will take place on 14th June is:

P. Godefroid, A. Kiezun, and M. Y. Levin,
"Grammar-based whitebox fuzzing,"
in Proceedings of the Conference on Programming Language Design and Implementation, PLDI '08.

DOI: http://doi.acm.org/10.1145/1375581.1375607

17.05.2017

Directed Test Generation Using Symbolic Grammars

The second paper for the next double session is:

 

R. Majumdar and R.-G. Xu,
"Directed Test Generation Using Symbolic Grammars,"
in Proceedings of the International Conference on Automated Software Engineering, ASE '07.

DOI: ... Read more

The second paper for the next double session is:

 

R. Majumdar and R.-G. Xu,
"Directed Test Generation Using Symbolic Grammars,"
in Proceedings of the International Conference on Automated Software Engineering, ASE '07.

DOI: http://doi.acm.org/10.1145/1321631.1321653

17.05.2017

Evaluation and Comparison of Inferred Regular Grammars

The first paper for the next double session is:

 
N. Walkinshaw, K. Bogdanov and K. Johnson,
"Evaluation and Comparison of Inferred Regular Grammars,"
in Proceedings of the International Colloquium on Grammatical Inference: Algorithms and Applications,... Read more

The first paper for the next double session is:

 
N. Walkinshaw, K. Bogdanov and K. Johnson,
"Evaluation and Comparison of Inferred Regular Grammars,"
in Proceedings of the International Colloquium on Grammatical Inference: Algorithms and Applications, ICGI 2008.
 
 
17.05.2017

No Seminar on 7th of June 2017

The first week of June I will be away, so we skip the seminar. However, the week after (14th of June) we going to run a double-seminar 12:15-14:00.

For this occasion everything is doubled, papers, summaries, and submissions. Likewise the deadlines will be... Read more

The first week of June I will be away, so we skip the seminar. However, the week after (14th of June) we going to run a double-seminar 12:15-14:00.

For this occasion everything is doubled, papers, summaries, and submissions. Likewise the deadlines will be extended ... so you will have up 11th of June to submit the reports.

15.05.2017

No Seminar on 24th of May 2017

Next week I will be in a conference, so we skip the seminar. However, the week after (31st of May) we going to run a double-seminar 12:15-14:00.

For this occasion everything is doubled, papers, summaries, and submissions. Likewise the deadlines will be extended... Read more

Next week I will be in a conference, so we skip the seminar. However, the week after (31st of May) we going to run a double-seminar 12:15-14:00.

For this occasion everything is doubled, papers, summaries, and submissions. Likewise the deadlines will be extended ... so you will have up 28th of May to submit both the reports.

11.05.2017

Synthesizing Program Input Grammars

The paper for the next session is:

 
O. Bastani, R. Sharma, A. Aiken and P. Liang
"Synthesizing Program Input Grammars,"
in Proceedings of the Conference on Programming Language Design and Implementation (PLDI17), to appear
 
Extended version... Read more

The paper for the next session is:

 
O. Bastani, R. Sharma, A. Aiken and P. Liang
"Synthesizing Program Input Grammars,"
in Proceedings of the Conference on Programming Language Design and Implementation (PLDI17), to appear
 
Extended version with proof:
09.05.2017

How to give good presentations - Slides

The slides from the talk of Prof. Zeller are available in the Material section.

03.05.2017

Deriving input syntactic structure from execution

The paper for the next session is:

Z. Lin and X. Zhang,
“Deriving input syntactic structure from execution,”
in Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE '08), 2008.

The paper for the next session is:

Z. Lin and X. Zhang,
“Deriving input syntactic structure from execution,”
in Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of Software Engineering (FSE '08), 2008.
27.04.2017

How to give good presentations

Friday, 28th of May, 2017 @ 13:15, in Room 0.06 at CISPA  Prof. A. Zeller will give a talk on "how to give good presentations".

Nowadays, effectively delivering concepts in oral form is of paramount importance, so you are strongly suggested to attend the talk.

26.04.2017

Mining Input Grammars from Dynamic Taints

The paper for the next session is:

Matthias Höschele, and Andreas Zeller. 2016. 
"Mining input grammars from dynamic taints." 
In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering (ASE '16), 2016
DOI: ... Read more

The paper for the next session is:

Matthias Höschele, and Andreas Zeller. 2016. 
"Mining input grammars from dynamic taints." 
In Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering (ASE '16), 2016
DOI: http://dx.doi.org/10.1145/2970276.2970321

26.04.2017

Kick Off Meeting

During the kick off meeting we covered the seminar's rules and general organization.

We also decided on the final date/time of the seminar: Wed, 12:15 - 13:00

26.04.2017

New course page

New course page went live

Show all
 

About the Course

Programs require valid inputs to operate and must gracefully handle incorrect ones. Knowing which inputs can be passed to programs is of paramount importance not only for correctly using the programs but also for enabling their systematic testing.
Program inputs might take several formats ranging from simple command line arguments to complex combinations of commands, parameters, options, and files. However, information about program inputs is rarely available, and this calls for automatic ways to recover input formats.

In this seminar, we will study the problem of automatically learning the format of program inputs and discuss how the knowledge of input formats enables the systematic generation of tests.

When & Where

  • Every Wednesday, 12:15-13:00
  • CISPA (E9.1) - Room 2.22

 

Who

The lecturer is Dr. Alessio Gambi. Invited speakers might occasionally participate to the meetings.

Registration

Registration for the course is mandatory, course registration starts on April 12th, 2017 and ends on May 10th, 2017.

To register you must send an email to gambi AT st.cs.uni-saarland.de with the following data:

  • Name Surname
  • Nationality
  • Faculty and Programme (Bachelor/Master/PhD)
  • I already partecipated to seminars (Yes/No)
  • Motivation (min 300 char, max 500 char)

The seminar can host up to 12 students, and the rule is ``first come, first served''. If you get a place in the seminar, you'll receive a confirmation email; if you do not get a place, your name will be placed in a waiting list, so if someone drops in the first two weeks, you have the option to tuck in.

During the first two weeks (May 10th is the last day), if you are registered you can drop the seminar with no consequences, but you must notify the lecturer. On the contrary, if you stay longer than two weeks or if you do not notify the lecturer about dropping the course, then you fail.
If you are in the waiting list, you have no particular obligations, but you are strongly suggested to participate to the meetings and submit your summaries on time. 

Additional Remarks

If you are an international student that cannot register in HISPOS, most probably the proof of course completion you will get from us should be enough for your exchange program coordinator. If you are not sure, contact your coordinator.

Please note, for organizational reasons you have to sign up both in the course registration form given below and in HISPOS.
Deadlines for the HISPOS registration will be posted in the HISPOS portal and announced by email.

 

Course Format and Passing Requirements

  • Reading group (1 paper/week, summaries, short presentation/summary of the paper, discussion of strengths & weaknesses).
  • At the end of the semester, a 1-day closing session with poster presentations and demonstrations.

What should you do in order to gain credit points for this course?

  • Submit all summaries on time. The deadline for the submission is: on Sunday, 23:59, two days before the weekly meeting.
  • Attend all the weekly meetings. Max 2 unexcused absences accepted, otherwise fail. Please inform us by email if you have a valid reason to miss the discussion.
  • Introduce at least one paper in class before the end of semester. You get an email by Monday, 23:59 if you are selected to give the 3-minute paper introduction in the next meeting. Slides are optional.

Grading Scheme

  • Summary: 60%
  • Poster and Demo: 30%
  • Lively discussion: 10%

Summaries

Each summary should be sent to gambi AT st.cs.uni-saarland.de before the deadline. Late submissions will be downgraded or rejected.

You can find some suggestions on how to write a summary here.

Feedback

At the end of each discussion session we will provide feedback on your summaries and suggestions on how to improve them. On top of that, we will also provide a mini grade which will either be a

  • ++ Great job !
  • + Well done summary, and interesting questions
  • 0 Good summary. The summary fulfills all the requirements
  • - Summary is lacking important aspects. Should be improved
  • -- This is not how you summarize papers ...

 

In Class Presentations

Each students picks a paper and prepares a short presentation (max 10 mins) to introduce the paper in class. The same student, with the help of the lecturer, will lead the discussion about the paper. If a topic remains un-assigned, the lecturer will pick randomly a student for preparing the presentation.

Additional Items

For a lively discussion, all the students must prepare a short list of questions (min 2, max 5). Questions must be included in the summary report. 
No questions?! You get a - !

Related work: everybody must provide in the summary a list of related papers (min 2). Each of these paper must come with a 3-sentence explanation on why the paper is related, why the paper is important, how you found the paper. Related work that are already referenced by the original paper do not count.
No related work?! You get a - !



If you encounter technical problems, please contact the administrators