350 rub
Journal Highly available systems №3 for 2013 г.
Article in number:
Application of genetic algorithms to network rotocol vulnerabilities search through implementation of fuzzing technique
Keywords: vulnerability scan fuzzing network traffic genetic algorithm
Authors:
A.I. Pechenkin - Post-graduate Student, National Research University, St. Petersburg State Polytechnical University. E-mail: alexander.pechenkin@ibks.ftk.spbstu.ru
Abstract:
The article describes the options for using of different fitness-functions in fuzzing network protocols using GA: processing a batch, the number of executed code, number of called API-functions, «novelty» of trace, «rarity» of trace. Submitted the results of experiments allowed to optimize the parameters of GA. The author implemented a software tool that demonstrates the effectiveness of using GA for the selection of test data with the proposed fitness-functions and selection criteria.
Pages: 63-69
References

  1. Dormann W., Plakosh D. Vulnerability Detection in ActiveX Controls through Automated Fuzz Testing. CERT Coordination Center: 2009. Rezhim dostupa: www.cert.org/archive/pdf/dranzer.pdf.
  2. Iozzo V. 0-knowledge Fuzzing. 2010. Rezhim dostupa: www.cert.org/vuls/discovery/downloads/bh-whitepaper.pdf.
  3. Wu Zh., Atwood J.W., Zhu X. A New Fuzzing Technique for Software Vulnerability Mining // Proceedings of CONSEG-09: International Conference on Software Engineering. December 17-19, 2009. Chennai. India. P. 59-66.