Improving Fuzz Testing Using Game Theory

2010 Fourth International Conference on Network and System Security Pub Date : 2010-09-01 DOI:10.1109/NSS.2010.81
Sheila Becker, H. Abdelnur, Jorge Lucángeli Obes, R. State, O. Festor
{"title":"Improving Fuzz Testing Using Game Theory","authors":"Sheila Becker, H. Abdelnur, Jorge Lucángeli Obes, R. State, O. Festor","doi":"10.1109/NSS.2010.81","DOIUrl":null,"url":null,"abstract":"We propose a game theoretical model for fuzz testing, consisting in generating unexpected input to search for software vulnerabilities. As of today, no performance guarantees or assessment frameworks for fizzing exist. Our paper addresses these issues and describes a simple model that can be used to assess and identify optimal fizzing strategies, by leveraging game theory. In this context, payoff functions are obtained using a tainted data analysis and instrumentation of a target application to assess the impact of different fizzing strategies.","PeriodicalId":127173,"journal":{"name":"2010 Fourth International Conference on Network and System Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2010-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Fourth International Conference on Network and System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSS.2010.81","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5

Abstract

We propose a game theoretical model for fuzz testing, consisting in generating unexpected input to search for software vulnerabilities. As of today, no performance guarantees or assessment frameworks for fizzing exist. Our paper addresses these issues and describes a simple model that can be used to assess and identify optimal fizzing strategies, by leveraging game theory. In this context, payoff functions are obtained using a tainted data analysis and instrumentation of a target application to assess the impact of different fizzing strategies.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
利用博弈论改进模糊测试
我们提出了一个模糊测试的博弈论模型,包括生成意想不到的输入来搜索软件漏洞。到目前为止,还没有性能保证或评估框架存在。我们的论文解决了这些问题,并描述了一个简单的模型,可以用来评估和确定最佳的嘶嘶策略,利用博弈论。在这种情况下,使用受污染的数据分析和目标应用程序的仪器来获得收益函数,以评估不同嘶嘶策略的影响。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
2010 Fourth International Conference on Network and System Security
2010 Fourth International Conference on Network and System Security
自引率
0.00%
发文量
0
期刊最新文献
Privacy-Preserving Protocols for String Matching The PU-Tree: A Partition-Based Uncertain High-Dimensional Indexing Algorithm Ignorant Experts: Computer and Network Security Support from Internet Service Providers Resource Selection from Distributed Semantic Web Stores A Purpose Based Access Control in XML Databases System
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1