Computer Science ›› 2016, Vol. 43 ›› Issue (5): 1-8.doi: 10.11896/j.issn.1002-137X.2016.05.001

    Next Articles

Survey of Fuzz Testing Technology

ZHANG Xiong and LI Zhou-jun   

  • Online:2018-12-01 Published:2018-12-01

Abstract: Security vulnerabilities in software may lead to serious consequences,and vulnerability exploiting has become a hot area of research in network and information security.Popular vulnerability exploiting technologies include static analysis,dynamic analysis,binary code comparison,fuzz testing and so on.Along with the expansion of the scale and complexity of software,fuzz testing has incomparable advantages which other vulnerability exploiting technology can’t provide.Firstly,both advantages and disadvantages of various vulnerability exploiting technology are discussed.Second-ly,an account of the research advances of fuzz testing the procedure of fuzz testing and test case generation technology were described in detail.Finally,the applications of fuzz testing were shown and the trend of future study was discussed.

Key words: Software security,Vulnerability exploiting,Fuzz testing,Test case generation

[1] CNCERT.2013 China Internet Network Security Report [M].Beijing:Post & Telecom Press,2013(in Chinese) 国家计算机应急技术处理协调中心.2013年中国互联网网络安全报告[M].北京:人民邮电出版社,2013
[2] Mei Hong,Wang Qian-xiang,Zhang Lu,et al.Analysis of the progress of software technology[J].Chinese Journal of Computers,2009,32(9):1697-1710(in Chinese) 梅宏,王千祥,张路,等.软件分析技术进展[J].计算机学报,2009,32(9):1697-1710
[3] ITS4[EB/OL].http://seclab.cs.ucdavis.edu/projects/testing/tools/its4.html
[4] FLAWFINDER[EB/OL].http://www.dwheeler.com/flawfinder
[5] IDA PRO[EB/OL].https://www.hex-rays.com/index.shtml
[6] Zhao Xiao-dong.Research and implementation of based malware analysis tool[D].Nanjing:Nanjing University,2012(in Chinese) 赵晓东.基于虚拟化的恶意软件分析工具的研究与实现[D].南京:南京大学,2012
[7] Vouk M A.Software reliability engineering∥A Tutorial Pre-sented at the Annual Reliability and Maintainability Symposium.2000.http://renoir.csc.ncsu.edu/Faculty/Vouk/vouk_se.html
[8] OllyDbg[EB/CP].http://www.ollydbg.de
[9] WinDbg[EB/CP].Whttp://www.windbg.org
[10] SoftICE[EB/OL].http://en.wikipedia.org/wiki/SoftICE
[11] Miller B P,Koski D,Lee C,et al.Fuzz Revisited:A Reexamination of the Reliability of UNIX Utilities and Services[R].Wisconsin:Computer Sciences Department,University of Wisconsin,1995
[12] Miller B P,et al.An empirical study of the reliability of UNIX utilities[J].Communications of the ACM,1990,33:32-44
[13] Cohen M B,Snyder J,Rothermel G.Testing across configurations:implications for combinatorial testing[J].ACM SIGSOFT Software Engineering Notes,2006,1(6):1-9
[14] Shu G, Lee D.Testing security properties of protocol implementations-a machine learning based approach[C]∥27th International Conference on Distributed Computing Systems (ICDCS’07).IEEE,2007:25
[15] Aitel D.The advantages of block-based protocol analysis of security testing[R].New York:Immunity Inc,February 2002
[16] SPIKE[EB/OL].http://www.immunitysec.com/resources-free-software.shtml
[17] Peach[EB/OL].http://peachfuzz.sourceforge.ne
[18] FillFuzz[EB/OL].http://labs.idefense.com/software/fuzzing.php
[19] COMRaider[EB/OL].http://labs.idefense.com/software/fuz-zing.php#more_comraider
[20] AxMan[EB/OL].http://metasploit.com/users/hdm/tools/axman
[21] Demott J.The evolving art of fuzzing[S].Defcon,2006
[22] DeMott J,et al.Revolutionizing the Field of Grey-box AttackSurface Testing with Evolutionary Fuzzing[S].BlackHat and Defcon,2007
[23] Godefroid P,et al.Grammar-based whitebox fuzzing[C]∥2008 ACM SIGPLAN Conference on Programming Language Design and Implementation 2008(PLDI’08).Tucson,AZ,United states,2008:206-215
[24] Godefroid P,et al.Automated Whitebox fuzzing[C]∥Proc Network Distributed Security Symposium(NDSS).San Diego,California,2008
[25] Ganesh V,et al.Taint-based directed whitebox fuzzing[C]∥Proc 2009 31st International Conference on Software Enginee-ring(ICSE 2009).Vancouver,BC,Canada,2009:474-484
[26] Wang T L.Research on key technologies of vulnerability exploiting for binary programs[M].Beijing:Peking University,2011(in Chinese) 王铁磊.面向二进制程序的漏洞挖掘关键技术研究[M].北京:北京大学,2011
[27] Wang T,et al.TaintScope:A checksum-aware directed fuzzing tool for automatic softwarevulnerability detection [C]∥Proc 31st IEEE Symposium on Security and Privacy,SP 2010.Berkeley/Oakland,CA,United states,2010:497-512
[28] Zhang Shu-qin.Research on Fuzz testing technology based ongenetic algorithm[D].Wuhan:Huazhong University of Science and Technology,2011(in Chinese) 章淑琴.基于遗传算法的模糊测试技术研究[D].武汉:华中科技大学,2011
[29] Du Xiao-jun,Lin Bo-gang,Lin Zhi-yuan,et al.Research of Multi population genetic algorithm in fuzz testing [J].Journal of Shandong University(Science Edition),2013(7):79-84(in Chinese) 杜晓军,林柏钢,林志远,等.安全软件模糊测试中多种群遗传算法的研究[J].山东大学学报(理学版),2013(7):79-84
[30] SecurityFocus[EB/OL].http://www.securityfocus.com/
[31] Secunia [EB/OL].http://secunia.com/
[32] CNVD[EB/OL].http://www.cnvd.org.cn/
[33] Jalbert N,Sen K.A trace simplification technique for effective debugging of concurrent programs[C]∥ Proceedings of the eighteenth ACM SIGSOFT International Symposium on Foundations of Software Engineering.ACM,2010:57-66
[34] Luk C,Cohn R,Muth R,et al.Pin:Building customized program analysis tools with dynamic instrumentation[J].Programming Language Design & Implementation,2005,40(6):190-200
[35] Kojarski S,Lorenz D H.Pluggable AOP:designing aspect mechanisms for third-party composition[J].Oopsla’05 Proceedings of Annual Acm Sigplan Conference on Object Oriented Programming Systems Languages & Applications,2005,40(10):247-263
[36] BCEL[EB/OL].http://commons.apache.org/proper/commons-
[37] Javassit[EB/OL].http://www.csg.ci.i.u-tokyo.ac.jp/~chiba/javassist/html/javassist/CtClass.html
[38] ASM[EB/CP].http://asm.ow2.org/
[39] DynamoRIO[EB/OL].http://www.dynamorio.org/
[40] DynInst[EB/OL].http://www.dyninst.org/
[41] Pin[EB/OL].https://software.intel.com/sites/landingpage/pintool/docs/71313/Pin/html/
[42] Wang T,Wei T,Zou W.Checksum-Aware Fuzzing Combinedwith Dynamic Taint Analysis and Symbolic Execution[J].Acm Transactions on Information & System Security,2011,14(2):613-613
[43] Atwood J W,et al.A new fuzzing technique for software vulnerability mining[D].Concordia University,2009
[44] MSDN[EB/OL].https://msdn.microsoft.com/zh-cn/default.aspx
[45] Sulley[EB/OL].http://resources.infosecinstitute.com/sulley-fuzzing/
[46] Miller C,Peterson Z N J.Analysis of Mutation and Generation-Based Fuzzing[R/OL].http://securityevaluators.com/files/papers/analysisfuzzing.pdf
[47] Ganesh V,Leek T,Rinard M.Taint-based Directed WhiteboxFuzzing[C]∥Proceeding International Conference on Software Engineering.2009:474-484
[48] Lanzi A,Martignoni L,Monga M,et al.A Smart Fuzzer for x86 Executables[C]∥ICSE Workshops 2007,Third International Workshop on Software Engineering for Secure Systems,2007(SESS’07).IEEE,2007:7-7
[49] Liu G H,Wu G,Tao Z,et al.Vulnerability Analysis for X86 Executables Using Genetic Algorithm and Fuzzing[C]∥International Conference on Convergence & Hybrid Information Technology.IEEE,2008:491-497
[50] PaiMei[CP/OL].http://www.openrce.org/downloads/details/208/PaiMei
[51] Liu W.Research on DoS Attack and Detection Programming[C]∥Workshop on Intelligent Information Technology Applications IEEE.2009:207-210
[52] Hydara I,Sultan A B M,Zulzalil H,et al.Current state of research on cross-site scripting(XSS)-A systematic literature review[J].Information & Software Technology,2015:170-186
[53] Dukes L,Yuan X,Akowuah F.A case study on web application security testing with tools and manual testing[C]∥Southeastcon,IEEE.IEEE,2013:1-6
[54] WebScara[EB/OL].https://www.owasp.org/index.php/Ca-tegory:OWASP_WebScarab_Project
[55] ShareFuzz[CP/OL].http://www.immunitysec.com/resources

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!