Lecture 14 Flashcards
What is fuzzing?
Automated software testing technique. Premise: automatically generate input data for an application and monitor the result of feeding that data to the application. If an unexpected result is obtained, that's a bug.
What is mutation based fuzzing?
User supplies one or many well formed inputs
Create mutations of the well formed inputs
Assumes that variations of the well formed input may be problematic
Mutations may be completely random or follow some heuristic
Requires little to no set up time
Dependent on the inputs being modified
May fail for protocols with checksums, those which depend on challenge-response, etc.
Example Tools:
Taof, GPF, ProxyFuzz, Peach Fuzzer, etc.
What is generation based fuzzing?
Test cases are generated from some description of the format: RFC, documentation, expert knowledge, etc.
Anomalies are added to each possible spot in the inputs
Knowledge of protocol should give better results than random fuzzing
Can take significant time to set up
Example Tools:
SPIKE, Sulley, Mu-4000, Codenomicon, Peach Fuzzer, etc.