no code implementations • 5 Mar 2021 • Danielle Gonzalez, Thomas Zimmermann, Patrice Godefroid, Max Schafer
Security is critical to the adoption of open source software (OSS), yet few automated solutions currently exist to help detect and prevent malicious contributions from infecting open source repositories.
Software Engineering
no code implementations • 21 Dec 2020 • Daniel Selsam, Jesse Michael Han, Leonardo de Moura, Patrice Godefroid
We introduce a new programming paradigm called oracle-guided decision programming in which a program specifies a Markov Decision Process (MDP) and the language provides a universal policy.
no code implementations • 23 May 2020 • Vaggelis Atlidakis, Roxana Geambasu, Patrice Godefroid, Marina Polishchuk, Baishakhi Ray
This paper introduces Pythia, the first fuzzer that augments grammar-based fuzzing with coverage-guided feedback and a learning-based mutation strategy for stateful REST API fuzzing.
no code implementations • 26 Jun 2018 • Vaggelis Atlidakis, Patrice Godefroid, Marina Polishchuk
A Swagger specification describes how to access a cloud service through its REST API (e. g., what requests the service can handle and what responses may be expected).
Software Engineering
no code implementations • 14 Jan 2018 • Konstantin Böttinger, Patrice Godefroid, Rishabh Singh
Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs.
1 code implementation • 25 Jan 2017 • Patrice Godefroid, Hila Peleg, Rishabh Singh
Fuzzing consists of repeatedly testing an application with modified, or fuzzed, inputs with the goal of finding security vulnerabilities in input-parsing code.