Fuzzing for software vulnerability discovery

Background Fuzz testing can be used to detect software programming flaws present in an application by submitting malformed input to the application as it executes. Some programming flaws impact upon the security of an application by undermining the performance of controls, rendering the application vulnerable to attack. Hence, the discovery of programming flaws can lead to the discovery of security vulnerabilities. Fuzz testing (like almost all run-time testing) does not require access to the source code, which makes it attractive to those who wish to assess the security of an application, but are unable to obtain access to the source code, such as end-users, corporate clients, security researchers and cyber criminals. Motivation The author wanted to explore the value of fuzz testing from the point of view of a corporate client that intends to release software including a component developed by a third party, where the component source code is not available for review. Three case studies where conducted: two practical fuzz testing methodologies ('blind' data mutation and protocol analysis-based fuzzing) were employed to discover vulnerabilities in a commercial operating system, and a purposefully vulnerable web server, respectively. A third case study involved the exploitation of a vulnerability discovered using fuzz testing, including the production of 'Proof of Concept' code. Conclusions It was found that fuzzing is a valid method for identifying programming flaws in software applications, but additional analysis is required to determine whether discovered flaws represented a security vulnerability. In order to better understand the analysis and ranking of errors discovered using fuzz testing, exploit code was developed based on a flaw discovered using fuzz testing. It was found that the level of skill required to create such an exploit depends (largely) upon the nature of the specific programming flaw. In the worst case (where user-controlled input values are passed to the instruction pointer register), the level of skill required to develop an exploit that permitted arbitrary code execution was minimal. Due to the scale and range of input data accepted by all but the most simple of applications, fuzzing is not a practical method for detecting all flaws present in an application. However, fuzzing should not be discounted since no current software security testing methodology is capable of discovering all present flaws, and fuzzing can offer benefits such as automation, scalability, and a low ratio of false-positives

Fundamental Approaches to Software Engineering

computer software maintenance; computer software selection and evaluation; formal logic; formal methods; formal specification; programming languages; semantics; software engineering; specifications; verificatio

Proceedings of Monterey Workshop 2001 Engineering Automation for Sofware Intensive System Integration

The 2001 Monterey Workshop on Engineering Automation for Software Intensive System Integration was sponsored by the Office of Naval Research, Air Force Office of Scientific Research, Army Research Office and the Defense Advance Research Projects Agency. It is our pleasure to thank the workshop advisory and sponsors for their vision of a principled engineering solution for software and for their many-year tireless effort in supporting a series of workshops to bring everyone together.This workshop is the 8 in a series of International workshops. The workshop was held in Monterey Beach Hotel, Monterey, California during June 18-22, 2001. The general theme of the workshop has been to present and discuss research works that aims at increasing the practical impact of formal methods for software and systems engineering. The particular focus of this workshop was "Engineering Automation for Software Intensive System Integration". Previous workshops have been focused on issues including, "Real-time & Concurrent Systems", "Software Merging and Slicing", "Software Evolution", "Software Architecture", "Requirements Targeting Software" and "Modeling Software System Structures in a fastly moving scenario".Office of Naval ResearchAir Force Office of Scientific Research Army Research OfficeDefense Advanced Research Projects AgencyApproved for public release, distribution unlimite

Evolutionary Computation

This book presents several recent advances on Evolutionary Computation, specially evolution-based optimization methods and hybrid algorithms for several applications, from optimization and learning to pattern recognition and bioinformatics. This book also presents new algorithms based on several analogies and metafores, where one of them is based on philosophy, specifically on the philosophy of praxis and dialectics. In this book it is also presented interesting applications on bioinformatics, specially the use of particle swarms to discover gene expression patterns in DNA microarrays. Therefore, this book features representative work on the field of evolutionary computation and applied sciences. The intended audience is graduate, undergraduate, researchers, and anyone who wishes to become familiar with the latest research work on this field

Fundamental Approaches to Software Engineering

This open access book constitutes the proceedings of the 24th International Conference on Fundamental Approaches to Software Engineering, FASE 2021, which took place during March 27–April 1, 2021, and was held as part of the Joint Conferences on Theory and Practice of Software, ETAPS 2021. The conference was planned to take place in Luxembourg but changed to an online format due to the COVID-19 pandemic. The 16 full papers presented in this volume were carefully reviewed and selected from 52 submissions. The book also contains 4 Test-Comp contributions