Fuzzing Configurations of Program Options - RCR Report
نویسندگان
چکیده
This artifact contains the source code and instructions to reproduce evaluation results of article “Fuzzing Configurations Program Options.” The includes configuration grammars for six target programs, scripts generate stubs, post-process fuzzing results. README steps prepare experimental environment on a clean Ubuntu machine step-by-step commands experiments. A VirtualBox image with ConfigFuzz properly set up is also included.
منابع مشابه
Static Program Analysis as a Fuzzing Aid
Fuzz testing is an effective and scalable technique to perform software security assessments. Yet, contemporary fuzzers fall short of thoroughly testing applications with a high degree of control-flow diversity, such as firewalls and network packet analyzers. In this paper, we demonstrate how static program analysis can guide fuzzing by augmenting existing program models maintained by the fuzze...
متن کاملEfficient Program Exploration by Input Fuzzing
One of the issues of a malware detection service is to update its database. For that, an analysis of new samples must be performed. Usually, one tries to replay the behavior of malware in a safe environment. But, a bot sample may activate a malicious function only if it receives some particular input from its command and control server. The game is to find inputs which activate all relevant bra...
متن کاملASKAP Array Configurations: Options and Recommendations
Executive Summary In this discussion document we consider the various configuration options available to ASKAP, within the context of the overall system parameters, budget, telescope lifetime and the science case. We focus our discussion on the options available for a 30 and a 45 antenna system and come to the following recommendations. If ASKAP consists of only 30 antennas, the initial configu...
متن کاملH-Fuzzing: A New Heuristic Method for Fuzzing Data Generation
How to efficiently reduce the fuzzing data scale while assuring high fuzzing veracity and vulnerability coverage is a pivotal issue in program fuzz test. This paper proposes a new heuristic method for fuzzing data generation named with H-Fuzzing. H-Fuzzing achieves a high program execution path coverage by retrieving the static information and dynamic property from the program. Our experiments ...
متن کاملDeep Reinforcement Fuzzing
Fuzzing is the process of finding security vulnerabilities in input-processing code by repeatedly testing the code with modified inputs. In this paper, we formalize fuzzing as a reinforcement learning problem using the concept of Markov decision processes. This in turn allows us to apply state-of-theart deep Q-learning algorithms that optimize rewards, which we define from runtime properties of...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM Transactions on Software Engineering and Methodology
سال: 2023
ISSN: ['1049-331X', '1557-7392']
DOI: https://doi.org/10.1145/3580601