Journal
Scientific and Technical Journal of Information Technologies, Mechanics and Optics
UDK004.052.2
Issue:6 (136)
Download PDF0 Kbyte
Stochastic software testing for vulnerability analysis
Annotation
Stochastic testing by fuzzing tools is one of the approaches to software vulnerability analysis. A testing process usually generates random input data for a tested program and takes a significant period of time. Reducing testing time is an important task. One of the areas of research for improving testing is to define only those sets of data sequences, which have an impact on the execution path of the tested program. Thus, a new approach of input data generation that reduces total testing time allows finding more program vulnerabilities. The paper suggests a modification of a genetic algorithm, which is used by fuzzer afl (American Fuzzy Lop). The promising positions model is introduced to improve the efficiency of input data generation. With this model, the most promising position in input data is chosen by the fuzzer genetic algorithm from the viewpoint of vulnerability analysis for next mutation steps. Compared to existing solutions, the suggested model pays attention to the perspective position of a data element to increase code coverage and directs the genetic algorithm to change it. The model was evaluated with the popular fuzzer afl and its modifications (aflfast, symfuzz, afl-rb). During the evaluation study, the suggested model reached 21 % more code coverage than existing solutions. Edge coverage between base program blocks is increased from 20897.3 up to 17267.4. The developed model can be used during software testing, which implies an input and processing of user data. The model can be integrated into stochastic testing tools. The modification should be done only, in the random generator component and does not require redesigning the whole testing tool.
Keywords
Постоянный URL
Articles in current issue
- A fiber optic vibration sensor based on SMF-MMF-SMF structure and a tilted fiber Bragg grating
- Aberration analysis of a wedge as a compensator element in augmented and virtual reality systems.
- Estimation of temperature detection delay in a fiber optic gyroscope sensing coil.
- The relative intensity noise of a vertical-cavity surface-emitting laser with a fiber Bragg grating external cavity
- A comparative analysis of the frequency spectra of the human eye and a cut diamond in visible light
- Vulnerabilities in the quantum key distribution system induced under a pulsed laser attack
- Proactive management of the composition and structure of the spatial monitoring system under the influence of destabilizing factors
- An algorithm of trajectory control for the movement of a mobile robot without measuring the position coordinates
- Different III-V semiconductor nanowires with quantum dots on silicon: growth by molecular-beam epitaxy and properties
- Impact of magnesium oxide concentration and yttrium-aluminum garnet stoichiometry deviation on the microstructure and optical transmission of YAG-based ceramics
- Measurements of heat capacity and thermal conductivity of β-Ga2O3 and β-(AlxGa1–x)2O3 bulk crystals grown by the Czochralski method
- An approach to the identification of the state of elements in cyber-physical systems based on principal component analysis
- Research of machine learning methods in the problem of identification of blood cells
- An Enhanced Exploration and Exploitation of Modified Grey Wolf Optimizer for Fuzzy Rules Reduction in Cloud Intrusion Detection System (CIDS)
- Model of information interaction channel routing on the FANET network using fuzzy logic
- Bi-level authentication and mannequin routing for improving security features of WSN-IoT
- Spline-wavelet bent robust codes
- Social media user identity linkage by graphic content comparison
- Monte Carlo Concrete DropPath for epistemic uncertainty estimation in pollen images classification
- Random number generation with arrays of coupled quantum-dot micropillar lasers
- The method of forming and using a digital passport for an electronic product at enterprises of the instrument-making industry
- Methods for determining the phase difference of the output signals for the receiving elements of a phased antenna array in a radiophoton circuit with parallel and series pairwise connection ...
- Routing in networks of autonomous underwater vehicles