Fuzzing-Based Office Software Vulnerability Mining on Android Platform

A New Fuzzing Technique for Software Vulnerability Mining

Test case mutation and generation (m&g) based on data samples is an effective way to generate test cases for Knowledge-based fuzzing, but present m&g technique is only capable of one-dimensional m&g at a time, based on a data sample, and thus it is impossible to find a vulnerability that can only be detected by multidimensional m&g. This paper proposes a mathematical model FTSG that formally de...

Fuzzing for software vulnerability discovery

CONFU: Configuration Fuzzing Testing Framework for Software Vulnerability Detection

Many software security vulnerabilities only reveal themselves under certain conditions, i.e., particular configurations and inputs together with a certain runtime environment. One approach to detecting these vulnerabilities is fuzz testing. However, typical fuzz testing makes no guarantees regarding the syntactic and semantic validity of the input, or of how much of the input space will be expl...

Configuration Fuzzing Testing Framework for Software Vulnerability Detection

Many software security vulnerabilities only reveal themselves under certain conditions, that is, particular configurations and inputs together with a certain runtime environment. One approach to detecting these vulnerabilities is fuzz testing. However, typical fuzz testing makes no guarantees regarding the syntactic and semantic validity of the input, or of how much of the input space will be e...

ConFu: Configuration Fuzzing Framework for Software Vulnerability Detection Thesis proposal

Many software security vulnerabilities only reveal themselves under certain conditions, i.e., particular configurations of the software and certain inputs together with its particular runtime environment. One approach to detecting these vulnerabilities is fuzz testing, which feeds a range of randomly modified inputs to a software application while monitoring it for failures. However, typical fu...