Model-based testing is a recognized method for testing the functionality of a system under test. However, functionality is not the only property that has to be assessed: security also has to be tested, especially for systems that provide interfaces to the Internet. Fuzzing is an established technique in industry for finding vulnerabilities that could be exploited to break into or to crash a system. Model-based fuzzing complements model-based testing of functionality by injecting invalid input data into the system in order to find vulnerabilities. While model-based fuzzing focuses on invalid input data, we present a complementary approach called behavioral fuzzing. Behavioral fuzzing does not inject invalid input data but sends an invalid sequence of messages to the system under test. We start with existing UML sequence diagrams (e.g. functional test cases) and modify them by applying fuzzing operators in order to generate invalid sequences of messages. We present the identified fuzzing operators and propose a classification for them. A description of a case study from the ITEA-2 research project DIAMONDS as well as preliminary results are presented.
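The idea of mutating a valid message sequence and checking whether the system under test accepts an out-of-order message can be sketched as follows. This is an added example, not code from the paper: the three operators (remove, repeat, swap), the message names, the state-machine specification and the flawed toy system are all assumptions made for illustration, since the abstract does not list the paper's operators.

```python
from itertools import combinations
# Constructed functional test case; message names are hypothetical.
VALID = ["connect", "login", "transfer", "logout", "disconnect"]
# Assumed specification: (state, message) -> next state.
SPEC = {
    ("idle", "connect"): "connected", ("connected", "login"): "authed",
    ("authed", "transfer"): "authed", ("authed", "logout"): "connected",
    ("connected", "disconnect"): "idle",
}

def mutants(seq):
    """Apply three illustrative operators (remove, repeat, swap) to a sequence."""
    for i in range(len(seq)):
        yield "remove", seq[:i] + seq[i + 1:]
        yield "repeat", seq[:i + 1] + seq[i:]
    for i, j in combinations(range(len(seq)), 2):
        swapped = list(seq)
        swapped[i], swapped[j] = swapped[j], swapped[i]
        yield "swap", swapped

class ToySUT:
    """Constructed system under test with a deliberate sequencing flaw."""
    state = "idle"

    def send(self, msg):
        # Flaw: 'transfer' is served on any open connection, even before login.
        if msg == "transfer" and self.state != "idle":
            return True
        nxt = SPEC.get((self.state, msg))
        if nxt is not None:
            self.state = nxt
        return nxt is not None

def first_violation(seq):
    """Index of the first message the spec forbids but the SUT accepts, else None."""
    sut, state = ToySUT(), "idle"
    for i, msg in enumerate(seq):
        accepted = sut.send(msg)
        nxt = SPEC.get((state, msg))
        if nxt is None:          # spec says this message is out of order here
            return i if accepted else None
        if not accepted:         # SUT stricter than spec: not a sequencing hole
            return None
        state = nxt
    return None                  # the mutant happened to be a valid sequence

def findings(seq=VALID):
    """Mutated sequences in which the SUT accepts an out-of-order message."""
    hits = [(op, m, first_violation(m)) for op, m in mutants(seq)]
    return [h for h in hits if h[2] is not None]
```

Some mutants are still valid sequences under the specification (repeating `transfer`, for instance), so the oracle compares each step against the specification rather than treating every mutant as invalid.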