A Taint Based Approach for Smart Fuzzing

Bekrar, Sofia; Bekrar, Chaouki; Groz, Roland; Mounier, Laurent

doi:10.1109/icst.2012.182

Cited by 50 publications

(36 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Probably the first and also most successful application of gray-box fuzzing is SAGE from Microsoft [47,48], which combines symbolic execution (a static source code analysis technique) and dynamic testing. This combination is today known as concolic testing and inspired several advanced security testing e.g., [12,1], as well as functional test approaches.…”

Section: Fuzzingmentioning

confidence: 99%

“…Besides SAGE, there are also other approaches that share the same basic concept: using instrumentation or static analyses of the implementation to improve the quality, efficiency, or effectiveness of dynamic security testing. For example, [12] uses a binary taint analysis to increase the fuzz testing coverage while [54] uses symbolic execution to achieve the same goal. Gray-box fuzzing is also successfully applied to commercial operating system [87].…”

Section: The Second Tier: Java-based Server Applicationsmentioning

confidence: 99%

See 1 more Smart Citation

Security Testing

Felderer

Büchler

Johns

et al. 2016

Advances in Computers

123

View full text Add to dashboard Cite

ReuseThis article is distributed under the terms of the Creative Commons Attribution-NonCommercial-NoDerivs (CC BY-NC-ND) licence. This licence only allows you to download this work and share it with others as long as you credit the authors, but you can't change the article in any way or use it commercially. More information and the full terms of the licence here: https://creativecommons.org/licenses/ Takedown If you consider content in White Rose Research Online to be in breach of UK law, please notify us by emailing eprints@whiterose.ac.uk including the URL of the record and the reason for the withdrawal request. Identifying vulnerabilities and ensuring security functionality by security testing is a widely applied measure to evaluate and improve the security of software. Due to the openness of modern software-based systems, applying appropriate security testing techniques is of growing importance and essential to perform effective and efficient security testing. Therefore, an overview of actual security testing techniques is of high value both for researchers to evaluate and refine the techniques and for practitioners to apply and disseminate them. This chapter fulfills this need and provides an overview of recent security testing techniques. For this purpose, it first summarize the required background of testing and security engineering. Then, basics and recent developments of security testing techniques applied during the secure software development lifecycle, i.e., model-based security testing, code-based testing and static analysis, penetration testing and dynamic analysis, as well as security regression testing are discussed. Finally, the security testing techniques are illustrated by adopting them for an example three-tiered web-based business application.

show abstract

Section: Fuzzingmentioning

confidence: 99%

Section: The Second Tier: Java-based Server Applicationsmentioning

confidence: 99%

Security Testing

Felderer

Büchler

Johns

et al. 2016

Advances in Computers

123

View full text Add to dashboard Cite

show abstract

“…If the process is stopped by the conditional statement, the concolic engine is used to guide the next section and the fuzzer takes over again and searches for vulnerabilities in the deep path more quickly. Driller is a hybrid fuzzing tool using AFL (American Fuzzy Lop) [9] and Angr [18]. AFL is a fuzzer that generates and transforms input values through a genetic algorithm and Angr is an engine that performs symbol execution by converting binary codes into Valgrind's VEX IR, which is also known by Mayhem and S2E [19] as the most optimized symbol execution engine.…”

Section: Hybrid Fuzzingmentioning

confidence: 99%

“…The test case creation speed is fast because it is simple to change the input value; however, it is difficult to find a valid crash because the code coverage is narrow. Smart Fuzzing is a technology that generates input values suitable for the format through target software analysis and the generation of errors [6][7][8][9]. Smart fuzzing has the advantage of knowing where errors can occur through a software analysis.…”

Section: Fuzzingmentioning

confidence: 99%

An Automated Vulnerability Detection and Remediation Method for Software Security

Jurn¹,

Kim²,

Kim³

2018

Sustainability

View full text Add to dashboard Cite

Abstract:As hacking techniques become more sophisticated, vulnerabilities have been gradually increasing. Between 2010 and 2015, around 80,000 vulnerabilities were newly registered in the CVE (Common Vulnerability Enumeration), and the number of vulnerabilities has continued to rise. While the number of vulnerabilities is increasing rapidly, the response to them relies on manual analysis, resulting in a slow response speed. It is necessary to develop techniques that can detect and patch vulnerabilities automatically. This paper introduces a trend of techniques and tools related to automated vulnerability detection and remediation. We propose an automated vulnerability detection method based on binary complexity analysis to prevent a zero-day attack. We also introduce an automatic patch generation method through PLT/GOT table modification to respond to zero-day vulnerabilities.

show abstract

“…• Fuzzing is a automatic generation of a large number of test cases ( (Lancia, 2011), (Bekrar et al, 2012) or (Alimi et al, 2014). ).…”

Section: Introductionmentioning

confidence: 99%

An Observe-and-Detect Methodology for the Security and Functional Testing of Smart Card Applications

Jolly

Vernois

Rosenberger

2016

Proceedings of the 2nd International Conference on Information Systems Security and Privacy

View full text Add to dashboard Cite

Abstract:Smart cards are tamper resistant devices but vulnerabilities are sometimes discovered. We address in this paper the security and the functional testing of embedded applications in smart cards. We propose an original methodology for the evaluation of applications and we show its benefit by comparing it to a classical certification process. The proposed method is based on the observation of the APDU (Application Protocol Data unit) communication with the smart card. Some specific properties are verified as a complementary method in the evaluation process and allows the on-the-fly detection of an anomaly and the reasons that triggered this anomaly during the test. Here are presented two uses of this method: a simple use to illustrate the use of properties to verify an implementation of an application and a more complex illustration by applying the fuzzing method to show what we can obtain with the proposed approach, i.e. an analysis of an anomaly.

show abstract

A Taint Based Approach for Smart Fuzzing

Cited by 50 publications

References 15 publications

Security Testing

Security Testing

An Automated Vulnerability Detection and Remediation Method for Software Security

An Observe-and-Detect Methodology for the Security and Functional Testing of Smart Card Applications

Contact Info

Product

Resources

About