Fuzzing fuzz testing == fuzzing

1 Fuzzing
fuzz testing == fuzzing
“The original work was inspired by being logged on to a modem during a storm with lots of line noise. And the line noise was generating junk characters that seemingly were causing programs to crash. The noise suggested the term ‘fuzz’.” --Barton Miller

2 Fuzzing
Defn (IEEE Standard Glossary of Software Engineering Terminology): “The degree to which a system or component can function correctly in the presence of invalid inputs or stressful environmental conditions.”
The basic idea (diagram label: fuzzer)

3 What to Fuzz
Complex data formats
  image, sound, video, etc. files
  object code / bytecode
Protocols
  network protocols (TCP/IP, HTTP, key exchange, SSL, etc.)
  database (SQL)
User-provided files

4 Two Types of Fuzzers
The basis of fuzzing… test cases
Mutation Fuzzers
  the “dumb” fuzzers
Generative Fuzzers
  intelligence comes with a price…

5 Why Fuzz?

6 Mutation Fuzzers
(diagram labels: Mutated, User Test Case(s), fuzzer)
What does the fuzzer do?
  bit flipping
  remove bit segments
  insert bit segments
  sometimes uses heuristics
Example: ______
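The three mutations listed on this slide, as an added example that is not part of the original presentation: a minimal mutation fuzzer in Python run against a constructed toy parser. The `FZ` record format, `parse_record` and its missing length check are assumptions made for illustration, and segments are removed and inserted at byte rather than bit granularity.

```python
import random

def flip_bit(data: bytes, rng: random.Random) -> bytes:
    """Bit flipping: invert one randomly chosen bit (data must be non-empty)."""
    buf = bytearray(data)
    i = rng.randrange(len(buf) * 8)
    buf[i // 8] ^= 1 << (i % 8)
    return bytes(buf)

def remove_segment(data: bytes, rng: random.Random) -> bytes:
    """Remove a random contiguous segment of at least one byte."""
    start = rng.randrange(len(data))
    end = rng.randrange(start + 1, len(data) + 1)
    return data[:start] + data[end:]

def insert_segment(data: bytes, rng: random.Random) -> bytes:
    """Insert 1 to 8 random bytes at a random position."""
    pos = rng.randrange(len(data) + 1)
    seg = bytes(rng.randrange(256) for _ in range(rng.randint(1, 8)))
    return data[:pos] + seg + data[pos:]

MUTATORS = (flip_bit, remove_segment, insert_segment)

def parse_record(data: bytes) -> bytes:
    """Constructed toy target: magic b'FZ', one length byte, then the payload."""
    if data[:2] != b"FZ":
        raise ValueError("bad magic")
    length = data[2]  # defect: no check that the length byte is present
    payload = data[3:3 + length]
    if len(payload) != length:
        raise ValueError("truncated payload")
    return payload

def fuzz(seed_case: bytes, iterations: int, rng_seed: int = 0):
    """Mutate the user's test case and collect inputs the target fails on uncleanly."""
    rng = random.Random(rng_seed)  # fixed seed makes every finding reproducible
    crashes = []
    for _ in range(iterations):
        case = rng.choice(MUTATORS)(seed_case, rng)
        try:
            parse_record(case)
        except ValueError:
            pass  # invalid input rejected cleanly: expected behaviour
        except Exception as exc:  # anything else is a robustness bug
            crashes.append((case, type(exc).__name__))
    return crashes

if __name__ == "__main__":
    for case, error in sorted(set(fuzz(b"FZ\x05hello", 5000))):
        print(error, case)
```

Only the segment-removal mutation can reach the defect here, by cutting the record down to its two magic bytes, which is why a fuzzer applies several mutation kinds over many iterations.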

7 Generative Fuzzers
(diagram labels: User, Mutated Test Case(s), fuzzer)
What does the user specify?
  data model
  state model
Example: ________ fuzzer
Downside – complex to use

8 The Good, the Bad, & the Ugly
Test the unusual
Large number of test cases
Complexity of input difficult to capture
Tedious configuration
Correctness?

9 Some “Fuzzy” Links
zzuf Fuzzer http://caca.zoy.org/wiki/zzuf
Peach Fuzzer
Jester
Taof (the art of fuzz testing)

