Reading List
Debugging
[ICSE'06]HDD: hierarchical delta debugging
[FSE'06]``SOBER: Statistical Model-based Bug Localization
[ICSE'09] HOLMES: Effective Statistical Debugging via Efficient Path Profiling
[Manuscript]Chronicle:Efficient Collection And Storage Of Indexed Program Traces
[OOPSLA'05]Relational queries over program traces (Tao Bao)
[FSE'05]PR-Miner: Automatically Extracting Implicit Programming Rules and Detecting Violations in Large Software Code (Tao Bao)
[FSE'09] Improving Bug Triage with Bug Tossing Graphs
Testing
Automated Software Test Data Generation
Automated Whitebox Fuzz Testing
[ICSE'09] Taint-Based Directed Whitebox Fuzzing
[ICSE'09] Maintaining and Evolving GUI-Directed Test Scripts
[DSN'08] Convicting Remote Exploitable Vulnerabilities: An Efficient Input Provenance Based Approach
[FSE'07] Parallel test generation and execution with Korat
[FSE'07] Automated testing of refactoring engines
Debugging Distributed Systems
[NSDI' 09] CrystalBall : Predicting and Preventing Inconsistencies in Deployed Distributed Systems (Kyu Hyung)
[NSDI'09] MODIST: Transparent Model Checking of Unmodified Distributed Systems
[CC'09] Live Debugging of Distributed Systems (Yunhui)
[OSDI'08]R2: An Application-Level Kernel for Record and Replay (Yunhui)
[NSDI'07] Friday: Global Comprehension for Distributed Replay
[SC'09] Scalable Temporal Order Analysis for Large Scale Debugging
Debugging Concurrent Programs
[ASPLOS'09] Learning from mistakes: a comprehensive study on real world concurrency bug characteristics (Kyu Hyung)
[POPL'09] The theory of deadlock avoidance via discrete control (Dasarath)
[FSE'08]Randomized active atomicity violation detection in concurrent programs
[POPL'06]Autolocker:synchronization inference for atomic sections
[ISCA'09] A Case for an Interleaving Constrained Shared-Memory Multi-Processor(Dasarath)
Security
[Oakland'09] Prospex: Protocol Specification Extraction
[Security'08] Panalyst: Privacy-Aware Remote Error Analysis on Commodity Software
[CCS'09] Behavior Based Software Theft Detection
[Security'09] Baggy Bounds Checking: An Efficient and Backwards-Compatible Defense against Out-of-Bounds Errors
[Security'09|Dynamic Test Generation to Find Integer Bugs in x86 Binary Linux Programs
[Security'09] Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense (Madhavan)
[ICSE'09] Automatic Creation of SQL Injection and Cross-Site Scripting Attacks (Madhavan)
[SOSP'07]Bouncer: securing software by blocking bad input (Zhiqiang)