An effective fuzz input generation method for protocol testing

Author

Sui, Ai-Fen ; Tang, Wen ; Hu, Jian Jun ; Li, Ming Zhu

Author_Institution

Corp. Technol., Siemens Ltd. China, Beijing, China

fYear

2011

fDate

25-28 Sept. 2011

Firstpage

728

Lastpage

731

Abstract

Random fuzzer is a powerful tool to find vulnerabilities of protocol implementations. One important approach to generate test inputs uses regular expression, and the input may include all possible combinations of fundamental characters. Thus the number of test cases may be tremendous, and furthermore, equivalent strings may usually be generated. In this paper, an effective fuzz input generation method integrating random signal process and regular expression is proposed. Random signal processing technology helps to reduce equivalent inputs, and the regular expression method helps to cover as much special cases in input domain. By enlarging the distance between input cases, the method can reduce equivalent inputs dramatically, while at the same time cover as much special inputs. Protocol specific information element is also considered in the method.

Keywords

fuzzy set theory; protocols; signal processing; fuzz input generation method; protocol implementations; protocol specific information element; protocol testing; random fuzzer; random signal processing technology; Generators; Protocols; Random sequences; Security; Signal processing; Subspace constraints; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Communication Technology (ICCT), 2011 IEEE 13th International Conference on

Conference_Location

Jinan

Print_ISBN

978-1-61284-306-3

Type

conf

DOI

10.1109/ICCT.2011.6157972

Filename

6157972