  • DocumentCode
    2530296
  • Title
    Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting
  • Author
    Sparks, Sherri ; Embleton, Shawn ; Cunningham, Ryan ; Zou, Cliff
  • Author_Institution
    Univ. of Central Florida, Orlando
  • fYear
    2007
  • fDate
    10-14 Dec. 2007
  • Firstpage
    477
  • Lastpage
    486
  • Abstract
    We present an extension of traditional "black box" fuzz testing using a genetic algorithm based upon a dynamic Markov model fitness heuristic. This heuristic allows us to "intelligently" guide input selection based upon feedback concerning the "success" of past inputs that have been tried. Unlike many software testing tools, our implementation is strictly based upon binary code and does not require that source code be available. Our evaluation on a Windows server program shows that this approach is superior to random black box fuzzing for increasing code coverage and depth of penetration into program control flow logic. As a result, the technique may be beneficial to the development of future automated vulnerability analysis tools.
  • Keywords
    Markov processes; genetic algorithms; program control structures; program testing; security of data; Windows server program; automated vulnerability analysis tool; binary code; black box fuzz testing; dynamic Markov model; fitness heuristic; genetic algorithm; program control flow logic; software testing tool; Application software; Automatic control; Computer security; Data security; Feedback; Flow graphs; Genetic algorithms; Logic testing; National security; System testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual
  • Conference_Location
    Miami Beach, FL
  • ISSN
    1063-9527
  • Print_ISBN
    978-0-7695-3060-4
  • Type
    conf
  • DOI
    10.1109/ACSAC.2007.27
  • Filename
    4413013