Abstract (in English)
This thesis is aimed at the construction of a gray-box fuzzer to detect vulnerabilities in binary executable code. Our survey identifies three fundamental difficulties with current approaches to fuzz testing. First, the input space a fuzzer has to explore can be very large. Second, fuzzers most often do not achieve high code coverage. Finally, most current approaches may overlook vulnerable paths when generating test data to reveal vulnerabilities. Our proposed method shrinks the input space of the program to be fuzzed by directing test data generation towards suspicious paths, i.e. paths in which one or more vulnerability patterns are observed. To achieve this, an evolutionary approach to generating test data for path coverage testing is adopted. In this way the difficulty with the huge size of the input space is largely resolved, while almost all paths are covered. Once a vulnerable path is detected, appropriate test data is generated to examine that path, so none of the vulnerable paths is ignored. Our experiments with a number of programs show the high performance of our proposed approach compared with traditional fuzz testing.
Keywords: Fuzz Testing, Test Data Generation, Dynamic Analysis, Path Coverage
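The abstract describes directing evolutionary test data generation towards a suspicious path. The following is an added illustrative example, not the thesis's implementation: a toy evolutionary search over integer inputs whose fitness is the distance of the executed path from a chosen target path (approach level plus normalised branch distance, the usual search-based testing measure). The program under test, its hand-inserted branch instrumentation and the "suspicious sink" marking the end of the target path are all constructed for this example and stand in for the vulnerability-pattern detection the thesis performs on binaries.

```python
import random

# Constructed program under test, hand-instrumented: each branch appends
# (branch id, outcome taken, distance to flipping that outcome) to `trace`.
# The path b1:True -> b2:True ends in a stand-in for a vulnerability pattern
# (e.g. an unchecked buffer index); that is the suspicious path to reach.
def program_under_test(x, y, trace):
    trace.append(("b1", x > 1000, 0 if x > 1000 else 1001 - x))
    if x > 1000:
        want = x - 7
        trace.append(("b2", y == want, abs(y - want)))
        if y == want:
            return "SUSPICIOUS_SINK"   # the path we want test data for
        return "safe-branch"
    return "rejected"

# Target path as (branch id, required outcome) pairs, in execution order.
TARGET_PATH = [("b1", True), ("b2", True)]


def run(individual):
    """Execute one candidate input (x, y) and return (result, branch trace)."""
    trace = []
    result = program_under_test(individual[0], individual[1], trace)
    return result, trace


def fitness(individual):
    """Distance of the executed path from TARGET_PATH.

    Approach level (target branches still unreached after the first divergence)
    plus the normalised branch distance at that divergence. 0.0 means the
    candidate drove execution down the whole target path.
    """
    _, trace = run(individual)
    executed = {bid: (outcome, dist) for bid, outcome, dist in trace}
    for depth, (bid, wanted) in enumerate(TARGET_PATH):
        if bid not in executed:                      # never reached this branch
            return float(len(TARGET_PATH) - depth)
        outcome, dist = executed[bid]
        if outcome != wanted:                        # reached, wrong way taken
            return (len(TARGET_PATH) - depth - 1) + dist / (dist + 1)
    return 0.0


def mutate(rng, ind):
    """Perturb one coordinate by a random step of varying magnitude."""
    step = rng.choice([1, 1, 10, 100, 1000])
    delta = rng.randint(-step, step)
    x, y = ind
    return (x + delta, y) if rng.random() < 0.5 else (x, y + delta)


def crossover(rng, a, b):
    """Single-point crossover on the two-coordinate individual."""
    return (a[0], b[1]) if rng.random() < 0.5 else (b[0], a[1])


def evolve(seed=0, pop_size=20, generations=2000):
    """Evolve inputs towards TARGET_PATH; returns (best individual, generations used)."""
    rng = random.Random(seed)
    pop = [(rng.randint(-2000, 2000), rng.randint(-2000, 2000))
           for _ in range(pop_size)]
    for gen in range(generations):
        pop.sort(key=fitness)
        if fitness(pop[0]) == 0.0:
            return pop[0], gen
        elite = pop[: pop_size // 4]                 # elitism keeps the best
        children = []
        while len(children) < pop_size - len(elite):
            a, b = rng.choice(elite), rng.choice(elite)
            children.append(mutate(rng, crossover(rng, a, b)))
        pop = elite + children
    pop.sort(key=fitness)
    return pop[0], generations


if __name__ == "__main__":
    best, gens = evolve()
    print("best input", best, "fitness", fitness(best),
          "result", run(best)[0], "after", gens, "generations")
```

The fitness shrinks the effective input space in the sense the abstract describes: candidates that diverge from the suspicious path are ranked by how far they are from re-joining it, so the search spends its evaluations near that path rather than across the whole domain.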