关键词: 高阶属性文法，模糊测试，文法分析树，漏洞挖掘

Abstract: Knowledge based fuzzing techniques generally have some shortcomings of heavy workload in writing scripts. A model based automatic fuzzing script generation method was proposed. Firstly data fom}at is represented by the higher order attribute grammars, and uniform data representation which is irrelevant to the test environments can be obtained. Secondly, the grammar model is used to parse the sample data and build the grammar parsing tree. Lastly, the relation- ship between the parsing tree and the test logic is built, which can be used to generate test script automatically. Experi- mental results indicate that the method can generate effective test scripts automatically to discover potential vulnerabili- tics in software.

Key words: High-order attribute grammar,Fuzzing test,Grammar parsing tree,Vulnerability mining