For an introduction to the motivations and concepts of fuzzing, please see the article by Baker1 on page 42 of this issue of Horizons. Additional background on fuzzing also has been reported previously.2 If you read the the article by Baker, you are probably convinced that fuzzing is a crucial part of any software development life cycle or validation and verification process. What now? How can ...

Verification back ends such as SMT solvers are typically highly complex pieces of software with performance, correctness and robustness as key requirements. Full verification of SMT solvers, however, is difficult due to their complex nature and still an open question. Grammar-based black-box input fuzzing proved to be effective to uncover bugs in SMT solvers but is entirely input-based and rest...

Language fuzzing is a bug-finding technique for testing compilers and interpreters; its effectiveness depends upon the ability to automatically generate valid programs in the language under test. Despite the proven success of language fuzzing, there is a severe lack of tool support for fuzzing statically-typed languages with advanced type systems because existing fuzzing techniques cannot effec...

This paper focuses on describing the necessary background to begin working with Binder: Android’s Interprocess Communication (IPC) mechanism, and Linux/Android system call (“syscall”) fuzzing tools. The objective was to study Android and Binder along with system call fuzzing in order to learn more about Android, Binder IPC, and vulnerability detection and analysis. Our study was further concent...

Fuzzing consists of repeatedly testing an application with modified, or fuzzed, inputs with the goal of finding security vulnerabilities in input-parsing code. In this paper, we show how to automate the generation of an input grammar suitable for input fuzzing using sample inputs and neural-network-based statistical machine-learning techniques. We present a detailed case study with a complex in...

Abstract The fuzzing test is able to discover various vulnerabilities and has more chances hit the zero-day targets. And ICS(Industrial control system) currently facing huge security threats requires standards, like ISO 62443, ensure quality of device. However, some industrial proprietary communication protocols can be customized have complicated structures, system cannot quickly generate data ...

-Fuzzing is one of the most commonly used methods to detect software vulnerabilities which are one major cause of information security incidents. The basic idea of fuzzing is to discover software vulnerabilities by feeding unexpected input and monitoring abnormal behaviors. Although it has advantages of simple design and low error report, its efficiency is usually poor. In this paper we present...

Blackbox fuzz testing can only test a small portion of code when rigorously checking the well-formedness of input values. To overcome this problem, blackbox fuzz testing is performed using a grammar that delineates the format information of input values. However, it is almost impossible to manually construct a grammar if the input specifications are not known. We propose an alternative techniqu...

Fuzzing is a popular dynamic program analysis technique used to find vulnerabilities in complex software. Fuzzing involves presenting a target program with crafted malicious input designed to cause crashes, buffer overflows, memory errors, and exceptions. Crafting malicious inputs in an efficient manner is a difficult open problem and often the best approach to generating such inputs is through...

The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...