This is a non-exhaustive list of interesting papers and background materials. Feel free to suggest another paper that interests you! If there is a topic or area that you would like to investigate, let me know and I can suggest additional papers of interest. You might also look through the proceedings of ISSTA, ICSE, PLDI, FSE, ICST, ASPLOS, ICSM, ASE, ISMM, Middleware, ICPC, POPL, USENIX Security, SAS, or WODA.
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
[https://github.com/shellphish/driller]
(State of) The Art of War: Offensive Techniques in Binary Analysis
DieHarder: Securing the Heap
[https://github.com/emeryberger/DieHard]
ASLR-Guard: Stopping Address Space Leakage for Code Reuse Attacks
[https://github.com/sslab-gatech/aslr-guard]
Boosting the Precision of Virtual Call Integrity Protection with Partial Pointer Analysis for C++
Dynamic hooks: hiding control flow changes within non-control data
Control Jujutsu: On the Weaknesses of Fine-Grained Control Flow Integrity
FairFuzz: Targeting Rare Branches to Rapidly Increase Greybox Fuzz Testing Coverage
Under-Constrained Symbolic Execution: Correctness Checking for Real Code
SPAIN: Security Patch Analysis for Binaries - Towards Understanding the Pain and Pills
A Compiler and Verifier for Page Access Oblivious Computation
Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks
[https://huhong-nus.github.io/advanced-DOP/]
Synthesizing Program Input Grammars
[https://github.com/obastani/glade]
MARX: Uncovering Class Hierarchies in C++ Programs
[https://github.com/RUB-SysSec/Marx]
AI: A Lightweight System for Tolerating Concurrency Bugs
[https://james0zan.github.io/AI.html]
Efficient Computation of Happens-Before Relation for Event-Driven Programs
[https://bitbucket.org/iiscseal/eventtrack]
Efficient Detection of Thread Safety Violations via Coverage-Guided Generation of Concurrent Tests
BigFoot: Static Check Placement for Dynamic Race Detection
[https://github.com/stephenfreund/RoadRunner]
Generating Focused Random Tests using Directed Swarm Testing
Coverage-directed differential testing of JVM implementations
CAB-Fuzz: Practical Concolic Testing Techniques for COTS Operating Systems
Evaluating and Improving Fault Localization
[https://bitbucket.org/rjust/fault-localization-data]
Evaluating the Usefulness of IR-Based Fault Localization Techniques
S3: Syntax- and Semantic-Guided Repair Synthesis via Programming by Examples
Fast Synthesis of Fast Collections
[http://cozy.uwplse.org/]
Automatically Improving Accuracy for Floating Point Expressions
[https://herbie.uwplse.org/]
Automatic runtime recovery via error handler synthesis
[http://moon.nju.edu.cn/dse/ares/]
CodeHint: Dynamic and Interactive Synthesis of Code Snippets
[https://github.com/jgalenson/codehint]
Angelix: scalable multiline program patch synthesis via symbolic analysis
[http://angelix.io/]
Synthesizing Transformations on Hierarchically Structured Data
Synthesizing Highly Expressive SQL Queries from Input-Output Examples
[http://scythe.cs.washington.edu]
Synthesis of Divide and Conquer Parallelism for Loops
[https://github.com/victornicolet/parsynt]
LASE: locating and applying systematic edits by learning from examples
Refining interprocedural change-impact analysis using equivalence relations
Null Dereference Verification via Over-approximated Weakest Pre-conditions Analysis
Lightweight detection of physical unit inconsistencies without program annotations
Precise Data Flow Analysis in the Presence of Correlated Method Calls
PerfRanker: prioritization of performance regression tests for collection-intensive software
REMIX: Online Detection and Repair of Cache Contention for the JVM
Automatic Generation of Inter-Component Communication Exploits for Android Applications
µDroid: An Energy-Aware Mutation Testing Framework for Android
Systematic Execution of Android Test Suites in Adverse Conditions
ReDeCheck: An Automatic Layout Failure Checking Tool for Responsively Designed Web Pages
Automated Repair of Layout Cross Browser Issues using Search-Based Techniques
[https://github.com/sonalmahajan/xfix]
ZenIDS: Introspective Intrusion Detection for PHP Applications
To Type or Not to Type: Quantifying Preventable Bugs in JavaScript
Dynamically discovering likely program invariants to support program evolution
Merlin: specification inference for explicit information flow problems
Inferring Method Specifications from Natural Language API Descriptions