Abstract
Current knowledge-based Fuzzing technologies mainly focus on Fuzzing target software based on a single data sample with one or multi-dimension input mutation, and thus the vulnerability mining results are not stable, false negatives of vulnerability are high and the selection of data sample depends on human analysis. To solve these problems, this paper proposes a model named Fuzzing Test Suite Generation model using multiple data sample combination (FTSGc), which can automatically select multiple data samples combination from a large scale data sample set to fuzz target software and generate the test cases that can cover more instances of software vulnerabilities. To solve FTSGc, a theorem named Maximum Coverage Theorem is given to select the data sample combination. Practical experimental results show that the proposed Fuzzing technology works much better than the current Fuzzing technologies on the Ability of Vulnerability Mining (AVM).
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call