TY - GEN
T1 - Fuzzing Improving Techniques Applied and Evaluated on a Network Traffic Analysis System
AU - Shi, Kaiyu
AU - Yu, Xiangzhan
AU - Zhao, Yue
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/12/4
Y1 - 2020/12/4
N2 - With the rapid advancement of modern technology, software are getting more and more intelligent, whereas the related security issues are also becoming more and more prominent [1]. Developers can easily introduce bugs into a system due to mistakes or poor consideration, which in serious cases may lead to security breaches that can jeopardize the entire system or the entire network. Therefore, efficient and automated security testing techniques or theories are of great importance to software testing and vulnerability detection. Fuzzing is currently one of the most popular vulnerability discovery [2] techniques, not only because of its reliability and numerous successful cases, but also because of its unlimited potentials and possibilities. Fuzzing may not be able to find find vulnerabilities on its own, but it certainly can lead us to faster and more efficient vulnerability discoveries. In this paper, we'll fuzz a Network Traffic Analysis (NTA) System. We discuss some of the difficulties we meet in fuzzing the system and apply appropriate fuzzing techniques to tackle those difficulties. Finally, the fuzzing techniques applied are evaluated, and the applicability and characteristics of these techniques are summarized.
AB - With the rapid advancement of modern technology, software are getting more and more intelligent, whereas the related security issues are also becoming more and more prominent [1]. Developers can easily introduce bugs into a system due to mistakes or poor consideration, which in serious cases may lead to security breaches that can jeopardize the entire system or the entire network. Therefore, efficient and automated security testing techniques or theories are of great importance to software testing and vulnerability detection. Fuzzing is currently one of the most popular vulnerability discovery [2] techniques, not only because of its reliability and numerous successful cases, but also because of its unlimited potentials and possibilities. Fuzzing may not be able to find find vulnerabilities on its own, but it certainly can lead us to faster and more efficient vulnerability discoveries. In this paper, we'll fuzz a Network Traffic Analysis (NTA) System. We discuss some of the difficulties we meet in fuzzing the system and apply appropriate fuzzing techniques to tackle those difficulties. Finally, the fuzzing techniques applied are evaluated, and the applicability and characteristics of these techniques are summarized.
KW - fuzzing
KW - fuzzing improving techniques
KW - libfuzzer
KW - network protocol fuzzing
KW - structure-aware
UR - https://www.scopus.com/pages/publications/85098945609
U2 - 10.1145/3444370.3444625
DO - 10.1145/3444370.3444625
M3 - 会议稿件
AN - SCOPUS:85098945609
T3 - ACM International Conference Proceeding Series
SP - 543
EP - 548
BT - Proceedings of the 2020 International Conference on Cyberspace Innovation of Advanced Technologies, CIAT 2020
PB - Association for Computing Machinery
T2 - 2020 International Conference on Cyberspace Innovation of Advanced Technologies, CIAT 2020
Y2 - 4 December 2020 through 6 December 2020
ER -