Be the first to like this
With the current technological advances there is arisingneed for testing the reliability and the security of software. Security testing usually requires manual work from a highly specialized security researcher.However,lately a number of program analysis techniques have been employed in order to automate parts of the process. In this thesis an automatic system is developed that uses dynamic analysis and symbolic execution in order to produce testcases for programs. Dynamic analysis is used in order to collect run time information like the current program state,the usage of input data by the program and the paths that have been executed by the program. This information is used in order to accelerate symbolic execution and produce a test case file that is able to pass various program checks and execute more program code, thusincreasingcodecoverage.These test case can be used in further analys is of the program. The system that was developed gives encouraging results producing partial input files with the structure that is expected by the programs analyzed, automatically and without any prior knowledge.However,the limitations of symbolic execution quickly become apparent since the analysis complexity has exponential complexity .As a result additional methods must be used in order to surpass these limitations in larger programs.