Title :
GramFuzz: Fuzzing testing of web browsers based on grammar analysis and structural mutation
Author :
Tao Guo ; Puhan Zhang ; Xin Wang ; Qiang Wei
Author_Institution :
China Inf. Technol. Security valuation Center Beijing, Beijing, China
Abstract :
Fuzz testing is an automated black-box testing technique providing random data as input to a software system in the hope to find vulnerability. In order to be effective, the fuzzed input must be common enough to pass elementary consistency checks. Web Browser accepts JavaScript, CSS files as well as the html as input, which must be considered in fuzzing testing, while traditional fuzzing technology generates test cases using simple mutation strategies, ignoring the grammar and code structure. In this article, vulnerability patterns are summarized and a new fuzzing testing method are proposed based on grammar analysis of input data and mutation of code structure. Combining methods of generation and mutation, test cases will be more effective in the fuzzing testing of web browsers. Applied on the Mozilla and IE web browsers, it discovered a total of 36 new severe vulnerabilities(and thus became one of the top security bug bounty collectors within this period).
Keywords :
fuzzy set theory; grammars; hypermedia markup languages; online front-ends; program testing; CSS files; GramFuzz:; HTML; IE Web browsers; JavaScript; Mozilla Web browsers; automated black-box testing technique; code structure mutation; fuzzing testing; grammar analysis; mutation strategies; software system; structural mutation; vulnerability patterns; Browsers; Cascading style sheets; Grammar; HTML; Libraries; Security; Testing; fuzzing testing; grammar analysis; structural mutationt; web brwoser;
Conference_Titel :
Informatics and Applications (ICIA),2013 Second International Conference on
Conference_Location :
Lodz
Print_ISBN :
978-1-4673-5255-0
DOI :
10.1109/ICoIA.2013.6650258
