https://scholarworks.unist.ac.kr/handle/201301/29 2026-04-08T21:05:30Z https://scholarworks.unist.ac.kr/handle/201301/90944 Title: Approximate Voronoi Diagrams of Moving Points Author(s): Lee, Hyeonseok Abstract: We present a new type of Approximate Voronoi Diagrams (AVD) for sets of points in R^d. It has the advantage that it can be maintained efficiently for a set of moving points in R^d, as opposed to previous approaches based on quadtrees. In fixed dimension d, for a set of n points moving at constant velocity, with spread Φ, and for a relative error bound ε, we can maintain our AVD in overall O(n^3 log^2(Φ)/ε^(d^2+d)) time. We also present a simpler construction for approximate Point Location among Equal Balls (PLEB), which can be maintained efficiently for a set of moving points. Major: Department of Computer Science and Engineering 2026-01-31T15:00:00Z https://scholarworks.unist.ac.kr/handle/201301/90943 Title: Generating Test Cases by Recomposing Existing Developer Tests Author(s): Jang, Jooyoung Abstract: Automated test generation can reach large portions of code, yet it often fails to expose deep faults because it struggles to construct semantically valid, constraint-satisfying object states that actually trigger failures. We present BOOSTER, a developer-test amplification technique that increases fault exposure by harvesting and globally recomposing valid input ingredients from developer-written tests. BOOSTER extracts object-defining statements and primitive/string values into type-indexed pools, augments missing receiver and parameter types via recursive dependency synthesis, and instantiates masked test skeletons with combinatorial selection to efficiently explore input combinations under a fixed budget. By leveraging the architectural knowledge embedded in developer tests, BOOSTER overcomes the limitations of from-scratch generation and addresses the structural constraints of prior amplification techniques that lack global ingredient recomposition. We evaluate BOOSTER on 790 real-world bugs from Defects4J (v2.0.1) across 17 open-source Java projects. In the regression scenario, BOOSTER outperforms auto- mated generation tools, detecting 298 bugs compared to 270 by EVOSUITE and 177 by RANDOOP, and it significantly surpasses state-of-the-art amplification techniques, detecting 235 bugs compared to 113 by EVO-AMP and 25 by DSPOT. In the non-regression scenario, BOOSTER demonstrates dominant performance, detecting 160 bugs compared to 87 by EVOSUITE and 77 by RANDOOP. Major: Department of Computer Science and Engineering 2026-01-31T15:00:00Z https://scholarworks.unist.ac.kr/handle/201301/90942 Title: Heap-Object State-Transition-Guided Fuzzing for Use-After-Free Vulnerabilities Author(s): Jang, Wonil Abstract: Use-after-free (UAF) is one of the most critical memory bugs and can be exploited to compromise software systems. Although many mitigation and discovery techniques have been proposed, discovering UAF vulnerabilities through fuzzing remains challenging because a UAF arises only when allocation, deallocation, and dereference operations occur in a specific temporal ordering on the same heap object. To address this challenge, recent fuzzing approaches guide input generation using feedback derived from heap operation sequences. HTFuzz, for example, promotes temporal diversity in heap behaviors by diversifying heap operation sequences observed at runtime. However, this feedback is not optimized for UAF discovery, as it does not distinguish heap operations by their target objects or explicitly capture pointer propagation required to expose UAF vulnerabilities. In this paper, we propose hsAFL, a heap-object state-transition-guided fuzzing approach that targets these limitations. hsAFL tracks object-level UAF-related state transitions, including pointer-copy operations, and prioritizes inputs that exercise new operation edges under object-specific state transitions. We evaluate hsAFL through repeated fuzzing experiments on seven real-world programs, with ten four-hour runs per target. Because hsAFL maintains state information for individual heap objects, it incurs additional runtime overhead and can reduce execution throughput. Despite this overhead, the results show that hsAFL discovers UAF vulnerabilities earlier than HTFuzz in four out of seven programs. Major: Department of Computer Science and Engineering 2026-01-31T15:00:00Z https://scholarworks.unist.ac.kr/handle/201301/90941 Title: Asynchronous and Incremental Binary Editing for x86-64 at Runtime Author(s): Baek, JiHun Abstract: Dynamic patching enables to edit running code without terminating or restarting execution, but achiev- ing safe and low-stall patching remains challenging in practice. Existing runtime approaches often rely on stop-the-world synchronization or execution-coupled patching, leading to stalls, atomicity hazards, race conditions in multi-threaded execution, and unpredictable conflicts in trampoline allocation. These challenges are particularly pronounced on x86-64, where variable-length instructions and weak align- ment guarantees complicate safe in-place code modification. This paper presents DIBE, a run-time binary editing framework that enables asynchronous and in- cremental patching for x86-64 user-space programs. DIBE reinterprets E9Patch, a static binary rewriter, as an offline metadata generator rather than a binary transformer. Instead of producing a rewritten exe- cutable, E9Patch exports jmp overwrite plans, trampoline code, and physical page grouping metadata. At runtime, a lightweight library that has been loaded along with the target process applies this metadata by allocating conflict-free trampoline pages using a just-in-time mapping subsystem and performing alignment-aware atomic jmp overwrites. Crucially, patch planning is fully decoupled from execution, and any stall is confined to the thread executing the patched site rather than the entire process. We evaluate DIBE using the SPEC CPU2006 benchmark suite and a multi-process Nginx server. Across all benchmarks, DIBE achieves microsecond-scale stall, per-instruction overwrite latency of ap- proximately 3–4 µs, and execution time overhead comparable to static rewriting. Memory usage remains predictable and modest due to physical page grouping. Even when tens of thousands of instructions are patched simultaneously across all worker processes, DIBE preserves stable latency and throughput. Overall, DIBE demonstrates that static rewriting guarantees and run-time patching need not be mu- tually exclusive. By combining offline correctness reasoning with asynchronous run-time activation, DIBE provides a scalable and practical foundation for low-stall binary editing in modern multi-threaded systems. Major: Department of Computer Science and Engineering 2026-01-31T15:00:00Z