Fuzzing Review and Test Case Prioritization Strategies

Slide Note
Embed
Share

Fuzzing is an effective method for generating additional test cases in software analysis. Various strategies can be used to prioritize which test case to run next, such as code coverage-based prioritization, input diversity prioritization, and impact analysis prioritization.

indiana
indiana Follow

Uploaded on May 17, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. EXERCISE #29 FUZZING REVIEW Write your name and answer the following on a piece of paper In fuzzing, it is easy to generate additional test cases for an analysis target. What are some of the strategies for prioritizing which test case to run next? 1

  2. ADMINISTRIVIA AND ANNOUNCEMENTS

  3. SYMBOLIC EXECUTION EECS 677: Software Security Evaluation Drew Davidson

  4. 4 WHERE WE RE AT DYNAMIC ANALYSIS Generating test cases

  5. 5 PREVIOUSLY: FUZZING OUTLINE / OVERVIEW GENERATING RANDOMTESTCASES Surprisingly effective in practice Main challenge is exploring new behavior The random fuzz of white noise

  6. 6 RESEARCH DIRECTION: GUNKING FUZZING FUZZINGASADVERSARIALRECON Fuzzing is so good at finding bugs that even the bad guys do it PERHAPSAPROGRAMSHOULDDEPLOY ANTI-FUZZINGTECH What would that look like?

  7. 7 THIS LECTURE: SYMBOLIC EXECUTION OUTLINE / OVERVIEW A METHODICALAPPROACHTO ABSTRACT EXECUTION

  8. 8 RECALL: TEST CASE GENERATION SYMBOLIC EXECUTION

  9. 9 THE PROBLEM OF COVERAGE SYMBOLIC EXECUTION

  10. 10 PREDICATES GET IN THE WAY! SYMBOLIC EXECUTION

  11. 11 ELIMINATING INFEASIBLE PATHS SYMBOLIC EXECUTION

  12. 12 THE MAGIC OF THE SOLVER SYMBOLIC EXECUTION

  13. 13 THE SYMBOLIC EXECUTION TREE SYMBOLIC EXECUTION

  14. 14 SOUNDNESS / COMPLETENESS SYMBOLIC EXECUTION

  15. 15 WRAP-UP SYMBOLIC EXECUTION A simple, elegant idea

Related


Fuzzing Cows: The No Bull Talk on Fuzzing Security

Fuzzing Cows: The No Bull Talk on Fuzzing Security

tice_gan
Effective Workflow for Vulnerability Research in Production Environments

Effective Workflow for Vulnerability Research in Production Environments

despina
Practical Guide to Fuzzing Programs with AFL

Practical Guide to Fuzzing Programs with AFL

ngo_dri
HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities

HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities

decimus
FOLIO Roadmap and Prioritization Update

FOLIO Roadmap and Prioritization Update

neti_485
Effective Strategies for Overcoming Test Anxiety

Effective Strategies for Overcoming Test Anxiety

lulu
SEOW Substance Prioritization for Prevention Planning in December 2017

SEOW Substance Prioritization for Prevention Planning in December 2017

isa_ch
IEEE 802.11-21/1115r0 Traffic Prioritization Summary

IEEE 802.11-21/1115r0 Traffic Prioritization Summary

imran
Multi-Criteria Test Suite Minimization with Integer Nonlinear Programming

Multi-Criteria Test Suite Minimization with Integer Nonlinear Programming

jill
Test Scope and Requirements for NR-U Demodulation in 3GPP TSG-RAN4 Meeting #97-e

Test Scope and Requirements for NR-U Demodulation in 3GPP TSG-RAN4 Meeting #97-e

deia258
Efficient Design Strategies for Minimizing Test Application Time in SoC

Efficient Design Strategies for Minimizing Test Application Time in SoC

ann_yon
Understanding Software Testing: Test Cases, Selection, and Execution

Understanding Software Testing: Test Cases, Selection, and Execution

harri
Managing Test Anxiety Tips for Success in Illinois Licensure Exam

Managing Test Anxiety Tips for Success in Illinois Licensure Exam

mal_w
Impact Effort Matrix Presentation Template for Prioritization Strategies

Impact Effort Matrix Presentation Template for Prioritization Strategies

goku
Mastering Time Management: Tips and Strategies for Effective Productivity

Mastering Time Management: Tips and Strategies for Effective Productivity

bold_n
Strategic Planning for Health Security - Prioritization and Assessment Review

Strategic Planning for Health Security - Prioritization and Assessment Review

shumpert_m
Prevention Subcommittee Update - July 26, 2023 Review

Prevention Subcommittee Update - July 26, 2023 Review

cheyannap
Enhancing Mobile App Testing Strategies for Quality Assurance

Enhancing Mobile App Testing Strategies for Quality Assurance

mel_bow
Evaluation of Pre-sessional Reading Test Using Stimulated Recall Interviews

Evaluation of Pre-sessional Reading Test Using Stimulated Recall Interviews

emer_938
Update on UE Beam Assumption for RRM Test Cases in 3GPP Meetings

Update on UE Beam Assumption for RRM Test Cases in 3GPP Meetings

goodsell_r
Understanding Coagulase Test in Microbiology

Understanding Coagulase Test in Microbiology

solveig
Addressing Invasive Plant Species in California

Addressing Invasive Plant Species in California

aves777
Finding Bugs in P4 Compilers

Finding Bugs in P4 Compilers

junaid
Rapid Process for Identifying Research Priorities in Pain and Opioid Use

Rapid Process for Identifying Research Priorities in Pain and Opioid Use

marga

More Related Content