all InfoSec news
Fuzzers for stateful systems: Survey and Research Directions. (arXiv:2301.02490v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Fuzzing is a security testing methodology effective in finding bugs. In a
nutshell, a fuzzer sends multiple slightly malformed messages to the software
under test, hoping for crashes or weird system behaviour. The methodology is
relatively simple, although applications that keep internal states are
challenging to fuzz. The research community has responded to this challenge by
developing fuzzers tailored to stateful systems, but a clear understanding of
the variety of strategies is still missing. In this paper, we present the …
applications bugs challenge community crashes fuzz fuzzer fuzzing internal malformed messages research security security testing simple software states survey system systems test testing under understanding weird