The Application of Fuzzing in Web Software Security Vulnerabilities Test

Author

Li Li ; Qiu Dong ; Dan Liu ; Leilei Zhu

Author_Institution

Changchun Univ. of Sci. & Technol., Changchun, China

fYear

2013

fDate

16-17 Nov. 2013

Firstpage

130

Lastpage

133

Abstract

Web applications need for extensive testing before deployment and use, for early detecting security vulnerabilities to improve the quality of the safety of the software, the purpose of this paper is to research the fuzzing applications in security vulnerabilities. This article first introduces the common Web software security vulnerabilities, and then provide a comprehensive overview of the fuzzing technology, and using fuzzing tools Web fuzz to execute a software vulnerability testing, test whether there is a software security hole. Test results prove that fuzzing is suitable for software security vulnerabilities testing, but this methodology applies only to security research field, and in the aspect of software security vulnerabilities detection is still insufficient.

Keywords

Internet; fuzzy set theory; program testing; security of data; software quality; software tools; Web applications; Web fuzz; Web software security vulnerabilities test; fuzzing appilication; fuzzing tools; security research field; software quality; software safety; software security hole; software security vulnerabilities detection; Computers; Databases; Safety; Security; Software; Testing; Web pages; Fuzzing; Web software security vulnerabilities; Webfuzz;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology and Applications (ITA), 2013 International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4799-2876-7

Type

conf

DOI

10.1109/ITA.2013.36

Filename

6709952