Title: A Taint Based Approach for Smart Fuzzing
Abstract
Fuzzing is one of the most popular test-based software vulnerability detection techniques. It consists of running the target application on dedicated inputs in order to expose potential failures that a malicious user could exploit. In this paper we propose a global approach to fuzzing that addresses the main challenges faced in an industrial context: large applications, no access to source code, and only partial knowledge of the input specifications. This approach integrates several successive steps; here we focus mostly on an important one that relies on binary-level dynamic taint analysis. We summarize the main problems to be addressed in this step and detail the solution we implemented to solve them.
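The abstract only names binary-level dynamic taint analysis as the core of the approach. The following is an added illustration of the underlying principle, not the authors' tool: each input byte is labelled with its offset, the labels are propagated through the operations the target performs, and the labels that reach a security-sensitive sink tell the fuzzer which bytes are worth mutating. The paper works on binaries; this demo instead simulates the target as a few Python operations so the propagation rules are visible. The target program, its memcpy sink, BUF_SIZE, the seed input and the mutation counts are all constructed assumptions for the example.

```python
"""Added illustration: taint-guided ("smart") fuzzing on a constructed target.

Dynamic taint analysis labels every input byte with its offset, propagates the
labels through the target's operations, and reports which offsets reach a
sensitive sink. The fuzzer then spends its mutation budget on those bytes only.
"""
from dataclasses import dataclass
import random

BUF_SIZE = 64  # assumed capacity of the destination buffer at the memcpy sink


@dataclass(frozen=True)
class Tainted:
    """A concrete runtime value plus the set of input offsets it was derived from."""
    val: int
    src: frozenset


def const(v):
    """Program constants carry no taint."""
    return Tainted(v, frozenset())


def load(data, off):
    """Taint source: reading input byte `off` yields a value tainted by that offset."""
    return Tainted(data[off], frozenset([off]))


def binop(f, a, b):
    """Explicit data flow: the result depends on every offset either operand depended on."""
    return Tainted(f(a.val, b.val) & 0xFFFFFFFF, a.src | b.src)


def select(cond, if_true, if_false):
    """Conditional move: the condition's taint joins the chosen value's taint,
    so a control dependency through a flag byte is not lost."""
    chosen = if_true if cond.val else if_false
    return Tainted(chosen.val, cond.src | chosen.src)


def run_target(data):
    """Constructed stand-in for a binary. Input layout: [len_lo][len_hi][flags][payload...].
    copy_len = len, or 2*len when flags & 1, is then the size of a memcpy into BUF_SIZE bytes.
    Returns the tainted value that reached each sink, keyed by sink name."""
    length = binop(lambda lo, hi: lo | (hi << 8), load(data, 0), load(data, 1))
    flag_bit = binop(lambda f, m: f & m, load(data, 2), const(1))
    doubled = binop(lambda x, y: x * y, length, const(2))
    copy_len = select(flag_bit, doubled, length)
    return {"memcpy.len": copy_len}


def taint_map(seed):
    """One traced execution on a seed: which input offsets influence each sink."""
    return {name: sorted(t.src) for name, t in run_target(seed).items()}


def overflows(data):
    """Bug oracle: the copy overruns the destination buffer."""
    return run_target(data)["memcpy.len"].val > BUF_SIZE


def fuzz(seed, offsets, rounds, rng):
    """Single-byte mutation restricted to `offsets`; returns how many mutants hit the overflow."""
    hits = 0
    for _ in range(rounds):
        mutant = bytearray(seed)
        mutant[rng.choice(offsets)] = rng.randrange(256)
        if overflows(bytes(mutant)):
            hits += 1
    return hits


# constructed seed: len = 8, flags = 0, 61 payload bytes (64 bytes total)
SEED = bytes([0x08, 0x00, 0x00]) + bytes(61)


def compare(rounds=200):
    """Blind fuzzing may mutate any of the 64 bytes; taint-guided fuzzing mutates only the
    offsets that reach the sink. Returns (blind_hits, guided_hits) for the same budget."""
    guided_offsets = taint_map(SEED)["memcpy.len"]
    blind = fuzz(SEED, list(range(len(SEED))), rounds, random.Random(1))
    guided = fuzz(SEED, guided_offsets, rounds, random.Random(1))
    return blind, guided


if __name__ == "__main__":
    print("offsets reaching memcpy.len:", taint_map(SEED))
    print("blind vs taint-guided hits:", compare())
```

The trace on the seed reports that only offsets 0, 1 and 2 reach the copy length, so the guided fuzzer never wastes a mutation on the 61 payload bytes, which is why it finds the overflow far more often than blind mutation for the same number of executions. The `select` rule is a deliberate simplification: real binary-level trackers typically propagate only explicit data flow, and a flag byte that influences a sink only through a branch would be missed without extra handling.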
Year: 2012
DOI: 10.1109/ICST.2012.182
Venue: Software Testing, Verification and Validation
Keywords: smart fuzzing, large-size application, input specification, binary-level dynamic taint analysis, global approach, malicious user, industrial context, dedicated input, detection technique, main problem, main challenge, source coding, protocols, assembly, dynamic analysis, registers, software reliability, taint analysis, source code, formal specification, security, system monitoring, software security
Field: Vulnerability (computing), Fuzz testing, Source code, Computer science, Formal specification, System monitoring, Real-time computing, Software, Taint checking, Software quality
DocType: Conference
ISBN: 978-1-4577-1906-6
Citations: 17
PageRank: 0.94
References: 18
Authors: 4

Authors (order, name, citations, PageRank):
  1. Sofia Bekrar (citations 38, PageRank 2.14)
  2. Chaouki Bekrar (citations 38, PageRank 2.14)
  3. Roland Groz (citations 496, PageRank 50.60)
  4. Laurent Mounier (citations 1187, PageRank 79.54)