Title :
New Development of Fuzzing-based Vulnerabilities Mining Research
Author :
Lanlan, Qi ; Dan, Xu ; Zhiyong, Wu ; Qixue, Xiao
Author_Institution :
DCST, Tsinghua Univ., Beijing, China
Abstract :
From B.P. Miller firstly introduced the fuzzing in 1990 and found failures in over 25% of UNIX programs, to recent Taint Scope system presented by Peking University and the discovery of 27 0day vulnerabilities in several popular software including Adobe Acrobat, the practical experiences and results have illuminated that fuzzing are effective for vulnerability mining. In this paper, fuzzing are studied and surveyed. First, new features of fuzzing is analyzed. And then, current test case generation techniques of fuzzing is divided into four categories. This paper also indicates new research directions for improving fuzzing.
Keywords :
Unix; data mining; program testing; software reliability; Adobe Acrobat; Peking University; TaintScope system; UNIX program; fuzzing based vulnerability mining research; test case generation technique; Computer crashes; Data mining; Data structures; Educational institutions; Electronic equipment; Monitoring; Protocols; accuracy; deformity; fuzzing; generation technique; vulnerabilities mining;
Conference_Titel :
Instrumentation, Measurement, Computer, Communication and Control, 2011 First International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-0-7695-4519-6
DOI :
10.1109/IMCCC.2011.107
