  • DocumentCode
    626400
  • Title
    Online Model-Based Behavioral Fuzzing
  • Author
    Schneider, Markus ; Großmann, Jurgen ; Schieferdecker, Ina ; Pietschker, Andrej
  • Author_Institution
    Fraunhofer FOKUS, Berlin, Germany
  • fYear
    2013
  • fDate
    18-22 March 2013
  • Firstpage
    469
  • Lastpage
    475
  • Abstract
    Fuzz testing or fuzzing is interface robustness testing by stressing the interface of a system under test (SUT) with invalid input data. It aims at finding security-relevant weaknesses in the implementation that may result in a crash of the system under test or anomalous behavior. Fuzzing means sending invalid input data to the SUT; the input space is usually huge. This is also true for behavioral fuzzing, where invalid message sequences are submitted to the SUT. Because systems are getting more and more complex, testing a single invalid message sequence becomes more and more time-consuming due to startup and initialization of the SUT. We present an approach to make the test execution for behavioral fuzz testing more efficient by generating test cases at runtime instead of before execution, focusing on interesting regions of a message sequence based on a previously conducted risk analysis and reducing the test space by integrating already retrieved test results in the test generation process.
  • Keywords
    program testing; security of data; SUT; anomalous behavior; fuzz testing; interface robustness testing; invalid message sequence testing; online model-based behavioral fuzzing; risk analysis; system under test; test case generation; test execution; Computer bugs; Protocols; Security; Software; Testing; Unified modeling language; Behavioral Fuzzing; Model-based Testing; Security Testing; Test Execution; Test Generation;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Testing, Verification and Validation Workshops (ICSTW), 2013 IEEE Sixth International Conference on
  • Conference_Location
    Luxembourg
  • Print_ISBN
    978-1-4799-1324-4
  • Type
    conf
  • DOI
    10.1109/ICSTW.2013.61
  • Filename
    6571672