Information technology is growing rapidly. Along with the rapid advancements, a large number of software security violations are taking place, which are causing an overwhelming impact on the organizations and the individuals. In the past few years many methods have been proposed to identify and prevent weaknesses in software programs. “Fuzzing was first proposed by Miller et.al in the year 1990 to detect software vulnerabilities” (Zhang, Liu, Lei, Kung, Csallner, Nystrom & Wang, 2012, p.102). In the process of detecting vulnerabilities the program inputs are changed to form different inputs to identify the various possible paths present in the program. The run time behavior of the programs are monitored on the different inputs to detect exceptions. If any exceptions are found then it can be said that weaknesses are present in the program and the software program is vulnerable.
There are two different kinds of fuzzing namely black box and white box fuzzing. Black box testing does not take the program source code into consideration. It is only used to identify weaknesses in the different inputs that can be given to the program. Whereas, white box testing is used to test all the different possible paths of a program. However many challenges exist for both the categories of fuzzing. According to Zhang et.al, (2012) white box testing fails in identifying the paths that contain complex data structures and unsolvable branch conditions and black box testing fails in testing complex program semantics which are deeper (p.103).
Therefore, to address the challenges of the two kinds of testing Zhang et.al, (2012) proposed a two stage fuzzing process to effectively test complex program semantics (p.103). The...
... middle of paper ...
...to detect security vulnerabilities. Whereas, binary level extensions can be placed, vulnerabilities can be modified with application of non-parallel statistical tests which makes the fuzzing process efficient in determining the weaknesses in the software programs and in identification of bugs.
Anon., 2011a. Available: http://nvd.nist.gov (Online).
Ganesh, V., Leek, T., Rinard, M., 2009. Taint-based directed white box fuzzing. In:
Proceedings of the IEEE 31st International Conference on Software Engineering
Godefroid, P., Levin, M.Y., Molnar, D., 2008. Automated white box fuzz testing. In:
Proceedings of the Network and Distributed Systems Security (NDSS).
Zhang, D., Liu, D., Lei, Y., Kung, D., Csallner, C., Nystrom, N., Wang, W. (2012). Sim Fuzz:
Test case similarity based deep fuzzing, The Journal of Systems and Software, 85,102-
Need Writing Help?
Get feedback on grammar, clarity, concision and logic instantly.Check your paper »
- The weaknesses of this software was that I couldn 't add the date 's easily. Therefore, I didn 't add this as it was time consuming like the task list. However, this enabled me to ensure for future purposes to use a calendar from the internet to make it easier. This is because then I am able to add this. Also, another weaknesses is that I couldn 't fit all the Pert Chart in one page. I had to fit it in an A4 page compared to open mind it can be in A3. This was an issue as it meant that there was a lot of pages and not one page.... [tags: Project management]
1579 words (4.5 pages)
- The use of hacking can be very beneficial as a means of identifying weaknesses in computer security. Nowadays, numerous companies and governments use this technique to assess the level of security of their systems and determine if any valuable information is at risk of being accessed unlawfully. Ethical hackers are employed to identify potential threats on a single computer or a whole network of computers. The found potential exploits are later patched thus decreasing the chance of a breach in the system and increasing its overall security and reliability.... [tags: ethical hackers, penetration testing]
1402 words (4 pages)
- ... Defect Detection Drawing from the above definitions key elements are evident to be the cause or origin of software defects, these include human proneness to error, architecture failure and product failure. Reflecting these elements onto the conventional software development life cycle (SDLC) it is then possible to identify or detect defects by critically assessing where these elements are most prevalent. This then bring us back to a key facet of software quality assurance discussed earlier, defect detection.... [tags: error, architecture failure, sampling]
2220 words (6.3 pages)
- Abstract Early detection of faults in Software Development Life Cycle (SDLC) can significantly reduce the cost and shorten the time to deliver a certain product to market. Requirement based testing involves using requirement as the basis for generating test cases. This paper present a systematic review of requirement based testing exploring the hidden capabilities and challenges of the research that has been accomplished over the years. The study attempts to reveal the facts about Requirement based test case generation and presents critical evaluation of the proposed methods by researchers.... [tags: Software]
3238 words (9.3 pages)
- Title : The Role of Requirement Engineering in Software Development Life Cycle Author : A. Chakraborty, 2M. Kanti Baowaly, 3 A. Arefin, 4 A. N. Bahar Article summary There is a great importance given to the requirement engineering stage in the SDLC(Software Requirement Life Cycle). It is the backbone which governs all the subsequent processes. Further post requirement defects would largely contribute to the failure of projects, exponentially increased cost etc. In this phase the mission needs and user requirements are received from the client and they would be converted to operational requirements and subsequently to System requirements.... [tags: SDLC, VORD method, software engineering]
1152 words (3.3 pages)
- 1. WHAT IS A SOFTWARE. Programs are set of instructions and software is set of programs that enable a computer to perform specific tasks. There are two kinds of software one is application software another is system software. Application software- these are the software designed for the user side. System software- software like operating system are called system software. Following report is focused on application software. We will be demonstrating the testing on application software. Software designed for e-learning.... [tags: Software testing, Integration testing]
5240 words (15 pages)
- Identifying adolescents and young adults with serious emotional and mental issues and giving them access to the appropriate services is crucial to stopping rampage killers. The majority of troubled youth will never commit horrific crimes. However, all rampage killers showed some signs of needing intervention. More focus needs to be placed on the emotional and mental needs of our youth to prevent tragedies such as rampage killings. Parents need to take an active role in their children’s lives including during adolescence.... [tags: parental involvement, sensory disorder]
882 words (2.5 pages)
- In this paper, I will be primarily focusing on the importance of feedback in learning. Practise is important to achieve goals but it cannot act alone, in order for a student to accomplish his/her goals he/she needs to practise; while practising it is important to receive feedback. By the end of this paper, I will try to prove why “Feedback is so important in learning”. According to University of Reading (2012), “Feedback can improve a student's confidence, self-awareness and enthusiasm for learning.” Feedback is important because it helps student understand their progress whilst achieving goals.... [tags: identifying strengths and weaknesses]
564 words (1.6 pages)
- Spy Software Summary Spy software, or spyware, is software that records information and or activity on a computer and then sends the information to the person or company that installed it. While these programs have been around since the early days of Windows, there has been a recent wave of newer applications of them. The newer programs far outstrip their predecessors in what they do, who installs them, and how they are used. So what exactly do these programs do, who installs them, and should they be a cause for concern.... [tags: Computers Technology Software Essays]
1299 words (3.7 pages)
- SOFTWARE A set of instructions that directs a computer's hardware to perform a task is called a program, or software program. Software comprises the entire set of programs, procedures, and routines associated with the operation of a computer system. The two main types of software are system software and application software. System software controls a computer's internal functioning, chiefly through an operating system , and also controls such peripherals as monitors, printers, and storage devices.... [tags: Computer Technology Software]
1664 words (4.8 pages)
- To What Extent Has the Digital Age Revolutionized Learning?
- A Scalable and Self-adapting Notification Framework for Healthcare Information Systems
- State and Non-state Actors that Pose the Greatest Cyber Threat to the United States
- A Relationship With Nature: Romanticism
- Great Depression vs. The Great Recession
- Yamato: The Emergence of an Empire in Japan