Title :
RankFuzz: Fuzz Testing Based on Comprehensive Evaluation
Author :
Cheng Li ; Qiang Wei ; Qingxian Wang
Author_Institution :
Nat. Digital Switching Syst. Eng. & Technol. Res. Center, Zhengzhou, China
Abstract :
Fuzz testing has proven successful at finding security vulnerabilities in programs. However, traditional black box fuzzing tools, which mutate the input randomly, are blind and ineffective. White box fuzzing, namely symbolic execution, still faces the problems of low efficiency and path explosion. We present a new automated fuzzing technique based on comprehensive evaluation and a tool, RankFuzz, that implements it. By running dynamic taint analysis, we divide the input into several fields and assign a rank to each of them according to the comprehensive evaluation results, so that potential vulnerabilities can be found quickly. We use several existing vulnerabilities to assess the reasonableness of our evaluation system, finding that RankFuzz can effectively locate the bytes that trigger the vulnerabilities, and that all of them rank in the top 30% of the total fields. We also test two off-the-shelf applications for 8 hours and find 3 new vulnerabilities.
Keywords :
automatic testing; fuzzy set theory; program testing; security of data; software reliability; system monitoring; RankFuzz; automated fuzzing technique; automatic software security testing technology; comprehensive evaluation; dynamic taint analysis; fuzz testing; security vulnerability; Complexity theory; Computer bugs; Libraries; Security; Semantics; Software; Testing; fuzzing
Conference_Title :
Multimedia Information Networking and Security (MINES), 2012 Fourth International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4673-3093-0
DOI :
10.1109/MINES.2012.161