Alessandro Orso
YOU?
Author Swipe
View article: LlamaRestTest: Effective REST API Testing with Small Language Models
LlamaRestTest: Effective REST API Testing with Small Language Models Open
Modern web services rely heavily on REST APIs, typically documented using the OpenAPI specification. The widespread adoption of this standard has resulted in the development of many black-box testing tools that generate tests based on Open…
View article: LlamaRestTest: Effective REST API Testing with Small Language Models
LlamaRestTest: Effective REST API Testing with Small Language Models Open
Modern web services rely heavily on REST APIs, typically documented using the OpenAPI specification. The widespread adoption of this standard has resulted in the development of many black-box testing tools that generate tests based on Open…
View article: AutoRestTest: A Tool for Automated REST API Testing Using LLMs and MARL
AutoRestTest: A Tool for Automated REST API Testing Using LLMs and MARL Open
As REST APIs have become widespread in modern web services, comprehensive testing of these APIs has become increasingly crucial. Due to the vast search space consisting of operations, parameters, and parameter values along with their compl…
View article: A Multi-Agent Approach for REST API Testing with Semantic Graphs and LLM-Driven Inputs
A Multi-Agent Approach for REST API Testing with Semantic Graphs and LLM-Driven Inputs Open
As modern web services increasingly rely on REST APIs, their thorough testing has become crucial. Furthermore, the advent of REST API documentation languages, such as the OpenAPI Specification, has led to the emergence of many black-box RE…
View article: Improving Program Debloating with 1-DU Chain Minimality
Improving Program Debloating with 1-DU Chain Minimality Open
Modern software often struggles with bloat, leading to increased memory consumption and security vulnerabilities from unused code. In response, various program debloating techniques have been developed, typically utilizing test cases that …
View article: Leveraging Large Language Models to Improve REST API Testing
Leveraging Large Language Models to Improve REST API Testing Open
The widespread adoption of REST APIs, coupled with their growing complexity and size, has led to the need for automated REST API testing tools. Current tools focus on the structured data in REST API specifications but often neglect valuabl…
View article: A Framework For Inferring Properties of User-Defined Functions
A Framework For Inferring Properties of User-Defined Functions Open
User-defined functions (UDFs) are widely used to enhance the capabilities of DBMSs. However, using UDFs comes with a significant performance penalty because DBMSs treat UDFs as black boxes, which hinders their ability to optimize queries t…
View article: Generating REST API Specifications through Static Analysis
Generating REST API Specifications through Static Analysis Open
Web Application Programming Interfaces (APIs) allow services to be accessed over the network. RESTful (or REST) APIs, which use the REpresentation State Transfer (REST) protocol, are a popular type of web API. To use or test REST APIs, dev…
View article: Improving Program Debloating with 1-DU Chain Minimality
Improving Program Debloating with 1-DU Chain Minimality Open
Modern software often struggles with bloat, leading to increased memory consumption and security vulnerabilities from unused code. In response, various program debloating techniques have been developed, typically utilizing test cases that …
View article: Leveraging Large Language Models to Improve REST API Testing
Leveraging Large Language Models to Improve REST API Testing Open
The widespread adoption of REST APIs, coupled with their growing complexity and size, has led to the need for automated REST API testing tools. Current tools focus on the structured data in REST API specifications but often neglect valuabl…
View article: Learning Defect Prediction from Unrealistic Data
Learning Defect Prediction from Unrealistic Data Open
Pretrained models of code, such as CodeBERT and CodeT5, have become popular choices for code understanding and generation tasks. Such models tend to be large and require commensurate volumes of training data, which are rarely available for…
View article: Adaptive REST API Testing with Reinforcement Learning
Adaptive REST API Testing with Reinforcement Learning Open
Modern web services increasingly rely on REST APIs. Effectively testing these APIs is challenging due to the vast search space to be explored, which involves selecting API operations for sequence creation, choosing parameters for each oper…
View article: Toward Automatic Test Synthesis for Performance Portable Programs.
Toward Automatic Test Synthesis for Performance Portable Programs. Open
View article: Automated test generation for REST APIs: no time to rest yet
Automated test generation for REST APIs: no time to rest yet Open
Modern web services routinely provide REST APIs for clients to access their functionality. These APIs present unique challenges and opportunities for automated testing, driving the recent development of many techniques and tools that gener…
View article: Enhancing Mobile App Bug Reporting via Real-time Understanding of Reproduction Steps
Enhancing Mobile App Bug Reporting via Real-time Understanding of Reproduction Steps Open
One of the primary mechanisms by which developers receive feedback about in-field failures of software from users is through bug reports. Unfortunately, the quality of manually written bug reports can vary widely due to the effort required…
View article: Automated Test Generation for Performance Portable Programs Using Clang/LLVM and Formal Methods .
Automated Test Generation for Performance Portable Programs Using Clang/LLVM and Formal Methods . Open
View article: Automated Performance Bug Detection in Database Systems.
Automated Performance Bug Detection in Database Systems. Open
Because database systems are the critical component of modern data-intensive applications, it is important to ensure that they operate correctly. To this end, developers extensively test these systems to eliminate bugs that negatively affe…
View article: Testing DBMS Performance with Mutations
Testing DBMS Performance with Mutations Open
Because database systems are the critical component of modern data-intensive applications, it is important to ensure that they operate correctly. To this end, developers extensively test these systems to eliminate bugs that negatively affe…
View article: A framework for automated test mocking of mobile apps
A framework for automated test mocking of mobile apps Open
Mobile apps interact with their environment extensively, and these interactions can complicate testing activities because test cases may need a complete environment to be executed. Interactions with the environment can also introduce test …
View article: Seven reasons why
Seven reasons why Open
Experience paper: Testing of mobile apps is time-consuming and requires a great deal of manual effort. For this reason, industry and academic researchers have proposed a number of test input generation techniques for automating app testing…
View article: AppTestMigrator
AppTestMigrator Open
The use of mobile apps is increasingly widespread, and much effort is put into testing these apps to make sure they behave as intended. In this demo, we present AppTestMigrator, a technique and tool for migrating test cases between apps wi…
View article: Program debloating via stochastic optimization
Program debloating via stochastic optimization Open
Programs typically provide a broad range of features. Because different typologies of users tend to use only a subset of these features, and unnecessary features can harm performance and security, program debloating techniques, which can r…
View article: PG-KLEE
PG-KLEE Open
Comprehensive test inputs are an essential ingredient for dynamic software analysis techniques, yet are typically impossible to obtain and maintain. Automated input generation techniques can supplant manual effort in many contexts, but the…
View article: Automated API-usage update for Android apps
Automated API-usage update for Android apps Open
Mobile apps rely heavily on the application programming interface (API) provided by their underlying operating system (OS). Because OS and API can change frequently, developers must quickly update their apps to ensure that the apps behave …
View article: Robustness of Neural Networks: A Probabilistic and Practical Approach
Robustness of Neural Networks: A Probabilistic and Practical Approach Open
Neural networks are becoming increasingly prevalent in software, and it is therefore important to be able to verify their behavior. Because verifying the correctness of neural networks is extremely challenging, it is common to focus on the…
View article: Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO)
Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO) Open
National security missions require understanding third-party software binaries, a key element of which is reasoning about how data flows through a program. However, vulnerability analysts protecting software lack adequate tools for underst…
View article: Test migration for efficient large-scale assessment of mobile app coding assignments
Test migration for efficient large-scale assessment of mobile app coding assignments Open
In recent years, there has been a growing interest in making education widely accessible using Internet technologies. Whether it is Massive Open Online Courses (MOOCs) or simply college courses offered to a large student population using a…
View article: Automated test migration for mobile apps
Automated test migration for mobile apps Open
The use of mobile apps is increasingly widespread, and much effort is put into testing these apps to make sure they behave as intended. To reduce this effort, and thus the cost of mobile app testing, we propose AppTestMigrator, a technique…
View article: Enlightened debugging
Enlightened debugging Open
Numerous automated techniques have been proposed to reduce the cost of software debugging, a notoriously time-consuming and human-intensive activity. Among these techniques, Statistical Fault Localization (SFL) is particularly popular. One…
View article: RAIN
RAIN Open
As modern attacks become more stealthy and persistent, detecting or preventing them at their early stages becomes virtually impossible. Instead, an attack investigation or provenance system aims to continuously monitor and log interesting …