{"title":"获得不同超时时间下的模糊测试结果","authors":"Wen-Xin Zhang","doi":"10.1109/ICSTW55395.2022.00048","DOIUrl":null,"url":null,"abstract":"Coverage-Guided fuzzing is the type of fuzzing which focuses on the code or branch coverage. It is mainly efficient in detecting buffer overflow. For the code coverage, it is an important parameter of performance evaluation of the Coverage-Guided fuzzing tools, since the higher coverage means higher possibility of bug detection. However, the timeout set for the fuzzing also affects the efficiency, due to the fact that the growth rate of code coverage will gradually become slower as the running time becoming longer. Setting a timeout that is too long cannot help improving the coverage nor the bug detected, and it will be a complete waste of time. Since selecting the fuzzing time might be quite confusing for testers, in this paper, the author decided to discover the relationship of the growth of the coverage and the running time of the. AFL and FuzzFactory were used for the evaluation and the timeout were set as 1 second, 1 minute, 1 hour, 6 hours and 12 hours respectively. The results showed the relationship between fuzzing time and the performance, for all fuzzers and the effect between different fuzzers.","PeriodicalId":147133,"journal":{"name":"2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Obtaining Fuzzing Results with Different Timeouts\",\"authors\":\"Wen-Xin Zhang\",\"doi\":\"10.1109/ICSTW55395.2022.00048\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Coverage-Guided fuzzing is the type of fuzzing which focuses on the code or branch coverage. It is mainly efficient in detecting buffer overflow. For the code coverage, it is an important parameter of performance evaluation of the Coverage-Guided fuzzing tools, since the higher coverage means higher possibility of bug detection. However, the timeout set for the fuzzing also affects the efficiency, due to the fact that the growth rate of code coverage will gradually become slower as the running time becoming longer. Setting a timeout that is too long cannot help improving the coverage nor the bug detected, and it will be a complete waste of time. Since selecting the fuzzing time might be quite confusing for testers, in this paper, the author decided to discover the relationship of the growth of the coverage and the running time of the. AFL and FuzzFactory were used for the evaluation and the timeout were set as 1 second, 1 minute, 1 hour, 6 hours and 12 hours respectively. The results showed the relationship between fuzzing time and the performance, for all fuzzers and the effect between different fuzzers.\",\"PeriodicalId\":147133,\"journal\":{\"name\":\"2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSTW55395.2022.00048\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSTW55395.2022.00048","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Coverage-Guided fuzzing is the type of fuzzing which focuses on the code or branch coverage. It is mainly efficient in detecting buffer overflow. For the code coverage, it is an important parameter of performance evaluation of the Coverage-Guided fuzzing tools, since the higher coverage means higher possibility of bug detection. However, the timeout set for the fuzzing also affects the efficiency, due to the fact that the growth rate of code coverage will gradually become slower as the running time becoming longer. Setting a timeout that is too long cannot help improving the coverage nor the bug detected, and it will be a complete waste of time. Since selecting the fuzzing time might be quite confusing for testers, in this paper, the author decided to discover the relationship of the growth of the coverage and the running time of the. AFL and FuzzFactory were used for the evaluation and the timeout were set as 1 second, 1 minute, 1 hour, 6 hours and 12 hours respectively. The results showed the relationship between fuzzing time and the performance, for all fuzzers and the effect between different fuzzers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
