(2017) Efficient fuzz testing leveraging input, code, and execution.
Abstract
Any kind of smart testing technique must be very efficient to be competitive with random fuzz testing. State-of-the-art test generators are largely inferior to random testing in real-world applications. This work proposes to gather and evaluate lightweight analyses that can enable the creation of an efficient and sufficiently effective analysis-assisted fuzz tester. The analyses shall leverage information sources apart from the program under test itself, such as descriptions of the targeted input format in the form of extended context-free grammars, or hardware counters. As the main contributions, an efficient framework for building fuzzers around given analyses will be created, and with its help analyses will be identified and categorized according to their performance.
Item Type: | Conference or Workshop Item (A Paper) (Paper) |
---|---|
Uncontrolled Keywords: | context-free grammars;program diagnostics;program testing;analysis-assisted fuzz tester;code;execution;extended context-free grammars;hardware counters;input;lightweight analysis;random fuzz testing;smart testing technique;test generators;Analytical models;Data models;Generators;Grammar;Measurement;Production;Testing;efficient fuzz testing;fuzz testing;fuzzing;grammar-based testing;software engineering;test input generation |
Divisions: | Andreas Zeller (Software Engineering, ST) |
Conference: | ICSE International Conference on Software Engineering |
Depositing User: | Ben Stock |
Date Deposited: | 14 Feb 2018 12:48 |
Last Modified: | 10 Mar 2020 14:38 |
Primary Research Area: | NRA5: Empirical & Behavioral Security |
URI: | https://publications.cispa.saarland/id/eprint/1439 |