منابع مشابه
H-Fuzzing: A New Heuristic Method for Fuzzing Data Generation
How to efficiently reduce the fuzzing data scale while assuring high fuzzing veracity and vulnerability coverage is a pivotal issue in program fuzz test. This paper proposes a new heuristic method for fuzzing data generation named with H-Fuzzing. H-Fuzzing achieves a high program execution path coverage by retrieving the static information and dynamic property from the program. Our experiments ...
متن کاملDeep Reinforcement Fuzzing
Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov decision processes. This in turn allows us to apply state-of-theart deep Q-learning algorithms that optimize rewards, which we define from runtime properties of...
متن کاملDirected Fuzzing Techniques
Beyond the more general fuzzing techniques that are, among others, used to generate tests with a certain amount of coverage, there exist techniques to direct fuzzers with the goal to execute specific program parts (recent changes, critical system calls, ...). A recent approach is described in [1]. The student is to examine the approach described in the given paper and compare it to similar exis...
متن کامل0-knowledge fuzzing
Nowadays fuzzing is a pretty common technique used both by attackers and software developers. Currently known techniques usually involve knowing the protocol/format that needs to be fuzzed and having a basic understanding of how the user input is processed inside the binary. In the past since fuzzing was little-used obtaining good results with a small amount of effort was possible. Today findin...
متن کاملService-Fingerprinting mittels Fuzzing
Für die Durchführung effektiver Penetrationstests ist die Identifizierung von Diensten (Services) und Applikationen auf den Zielsystemen, das sogenannte Service-Fingerprinting, von zentraler Bedeutung. Ziel dieses Beitrags ist es, mögliche Verbesserungspotentiale bestehender Fingerprinting-Tools zu beleuchten. Dies soll durch Einsatz von Mutation-Based Fuzzing zwecks einfacher und automatischer...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEICE ESS Fundamentals Review
سال: 2016
ISSN: 1882-0875
DOI: 10.1587/essfr.9.3_188