Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
The future of grey-box fuzzing
Umeå University, Faculty of Science and Technology, Department of Computing Science.
2017 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Society are becoming more dependent on software, and more artifacts are being connected to the Internet each day [31]. This makes the work of tracking down vulnerabilities in software a moral obligation for software developers. Since manual testing is expensive [7], automated bug finding techniques are attractive within the quality assurance field, since it can save companies a lot of money.

This thesis summarizes the research of an automated bug finding technique called grey-box fuzzing, with the goal of saying something about its future. Grey-box fuzzing is a breed of fuzzing, where the basic concept of fuzzing is to provide random data as input to an application in order to test it for bugs. To portray the current state of grey-box fuzzing, two tools which are relevant to the current research will be presented and discussed. A definition of what grey-box fuzzing is will also be extracted from the research papers by looking at what they all have in common.

The combination of fuzzing with symbolic execution or dynamic taint analysis are two of the approaches which this work has identified and discussed, but argues that dynamic taint analysis is more promising to the future. Lastly, the trend within fuzzing is predicted to go more towards the grey-box style of fuzzing, which leads to grey-box fuzzing rising in popularity.

Place, publisher, year, edition, pages
2017. , p. 24
Series
UMNAD ; 1124
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:umu:diva-142509OAI: oai:DiVA.org:umu-142509DiVA, id: diva2:1161769
Educational program
Bachelor of Science Programme in Computing Science
Supervisors
Examiners
Available from: 2017-12-01 Created: 2017-12-01 Last updated: 2017-12-01Bibliographically approved

Open Access in DiVA

fulltext(142 kB)154 downloads
File information
File name FULLTEXT01.pdfFile size 142 kBChecksum SHA-512
34717058f83291b870da3c44c771828bce5cd4e42d1c2e3ba95e5d52007ba6da6ea4edf4fceb70e2f83ed06dbf543ed18226a38f73cc93a11c9d8e4cc5741858
Type fulltextMimetype application/pdf

By organisation
Department of Computing Science
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 154 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 577 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf