Abstract: A method and system for finding vulnerabilities in a program using fuzzing have been provided. The disclosure provides a vulnerability detection framework using a language agnostic single fuzzer that can fuzz smart contracts written in different programming languages. The idea here is that a smart contract written in a high-level language is converted/compiled into an LLVM intermediate representation (LLVM IR) code and then perform the fuzzing on this LLVM IR code instead of fuzzing smart contract source code directly. The process of generating fuzz driver, report driver is automated by handling the standardization issue by carefully dividing the smart contracts into categories. The present disclosure is proposing processes of automation of fuzz or report driver generation. Further the language agnostic feature (done with intermediate representation) is also achieved. Further profiling is achieved which processes fuzzer output and generates meaningful data points.

Abstract: A method and system for finding vulnerabilities in a program using fuzzing have been provided. The disclosure provides a vulnerability detection framework using a language agnostic single fuzzer that can fuzz smart contracts written in different programming languages. The idea here is that a smart contract written in a high-level language is converted/compiled into an LLVM intermediate representation (LLVM IR) code and then perform the fuzzing on this LLVM IR code instead of fuzzing smart contract source code directly. The process of generating fuzz driver, report driver is automated by handling the standardization issue by carefully dividing the smart contracts into categories. The present disclosure is proposing processes of automation of fuzz or report driver generation. Further the language agnostic feature (done with intermediate representation) is also achieved. Further profiling is achieved which processes fuzzer output and generates meaningful data points.

Abstract: The present subject matter relates to securing data on a computing system. In an example, a request to execute an application instance of the application is received. After receiving the request a role to be associated with the application instance may be identified based on one of user inputs, an object-role mapping, and a set of rules. Further, the application is executable in a plurality of application instances and the role of the application instance is indicative of a nature of activity to be performed in the application instance. The identified role is then associated with the application instance. Based on the role, data pertaining to the application instance may be stored in a memory location allocated to the role of the application instance. Further, each role has a dedicated memory location.

Abstract: The present subject matter relates to securing data on a computing system. In an example, a request to execute an application instance of the application is received. After receiving the request a role to be associated with the application instance may be identified based on one of user inputs, an object-role mapping, and a set of rules. Further, the application is executable in a plurality of application instances and the role of the application instance is indicative of a nature of activity to be performed in the application instance. The identified role is then associated with the application instance. Based on the role, data pertaining to the application instance may be stored in a memory location allocated to the role of the application instance. Further, each role has a dedicated memory location.