Targeted black box fuzzing of input data

Targeted black box fuzzing of input data

Technologies are described herein for performing targeted, black-box fuzzing of input data for application testing. A dataflow tracing module traces an application while it reads and processes a set of template data to produce operation mapping data that maps data locations in the template data to o...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: THOMAS GAVIN SHANE, WODRICH MARK, GOEL NITIN KUMAR
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Technologies are described herein for performing targeted, black-box fuzzing of input data for application testing. A dataflow tracing module traces an application while it reads and processes a set of template data to produce operation mapping data that maps data locations in the template data to operations performed by the application in processing the data at the location. The tracing is performed without requiring the application source code, knowledge of the syntactical structure of the input data, or specially instrumented binaries for the application. A fuzzing module is then utilized to target a specific operation or operations in the application by fuzzing data locations within the template data according to the operation mapping data until the desired outcome is achieved.