Noller, YannicKersten, RodyPasareanu, CorinaBecker, SteffenBogicevic, IvanHerzwurm, GeorgWagner, Stefan2019-03-142019-03-142019978-3-88579-686-2https://dl.gi.de/handle/20.500.12116/20874In this work, we report on our recent research results on “Badger: Complexity Analysis with Fuzzing and Symbolic Execution” which was published in the proceedings of the 27th ACM SIGSOFT International Symposium on Software Testing and Analysis [NKP18]. Badger employs a hybrid software analysis technique that combines fuzzing and symbolic execution for finding performance bottlenecks in software. Our primary goal is to use Badger to discover vulnerabilities which are related to worst-case time or space complexity of an application. To this end, we use a cost-guided fuzzing approach, which produces inputs to increase the code coverage, but also to maximize a resource-related cost function, such as execution time or memory usage. We combine this fuzzing technique with a customized symbolic execution, which is also guided by heuristics that aim to increase the same cost. Experimental evaluation shows that this hybrid approach enables us to use the strengths of both techniques and overcome their individual weaknesses.enSoftware TestingComplexity AnalysisFuzzingSymbolic ExecutionText/Conference Paper10.18420/se2019-161617-5468