通过测试用例优先级改进模糊测试和符号执行的协作

2017 13th International Conference on Computational Intelligence and Security (CIS) Pub Date : 2017-12-01 DOI:10.1109/CIS.2017.00126

Jiaxi Ye, Bin Zhang, Ziqing Ye, Chao Feng, Chaojing Tang

{"title":"通过测试用例优先级改进模糊测试和符号执行的协作","authors":"Jiaxi Ye, Bin Zhang, Ziqing Ye, Chao Feng, Chaojing Tang","doi":"10.1109/CIS.2017.00126","DOIUrl":null,"url":null,"abstract":"Nowadays much attention is paid to the threat of vulnerabilities on the software security. Fuzzing and symbolic execution, complementary to each other, are two effective techniques in software testing. In this paper, we develop the prototype called FAS(Fuzzing and Symbolic) for software testing under both fuzzing and symbolic execution. In our method, the test cases are prioritized through deep-oriented strategy and large-distance-first strategy, in order to get a higher path-coverage with the condition of limited resource","PeriodicalId":304958,"journal":{"name":"2017 13th International Conference on Computational Intelligence and Security (CIS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Improving the Cooperation of Fuzzing and Symbolic Execution by Test-cases Prioritizing\",\"authors\":\"Jiaxi Ye, Bin Zhang, Ziqing Ye, Chao Feng, Chaojing Tang\",\"doi\":\"10.1109/CIS.2017.00126\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Nowadays much attention is paid to the threat of vulnerabilities on the software security. Fuzzing and symbolic execution, complementary to each other, are two effective techniques in software testing. In this paper, we develop the prototype called FAS(Fuzzing and Symbolic) for software testing under both fuzzing and symbolic execution. In our method, the test cases are prioritized through deep-oriented strategy and large-distance-first strategy, in order to get a higher path-coverage with the condition of limited resource\",\"PeriodicalId\":304958,\"journal\":{\"name\":\"2017 13th International Conference on Computational Intelligence and Security (CIS)\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 13th International Conference on Computational Intelligence and Security (CIS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CIS.2017.00126\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 13th International Conference on Computational Intelligence and Security (CIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIS.2017.00126","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

目前，漏洞对软件安全的威胁日益受到人们的关注。模糊测试和符号执行是软件测试中的两种有效技术，它们相辅相成。在本文中，我们开发了一个名为FAS(模糊和符号)的原型，用于模糊和符号执行下的软件测试。在我们的方法中，通过深度定向策略和远距离优先策略对测试用例进行优先排序，以便在资源有限的情况下获得更高的路径覆盖率

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Improving the Cooperation of Fuzzing and Symbolic Execution by Test-cases Prioritizing

Nowadays much attention is paid to the threat of vulnerabilities on the software security. Fuzzing and symbolic execution, complementary to each other, are two effective techniques in software testing. In this paper, we develop the prototype called FAS(Fuzzing and Symbolic) for software testing under both fuzzing and symbolic execution. In our method, the test cases are prioritized through deep-oriented strategy and large-distance-first strategy, in order to get a higher path-coverage with the condition of limited resource

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 13th International Conference on Computational Intelligence and Security (CIS)

自引率

0.00%

发文量