A Length-based File Fuzzing Test Suite Reduction Algorithm for Evaluation of Software Vulnerability |
Lee, Jaeseo
(The Attached Institute of ETRI)
Kim, Jong-Myong (The Attached Institute of ETRI) Kim, SuYong (The Attached Institute of ETRI) Yun, Young-Tae (The Attached Institute of ETRI) Kim, Yong-Min (Chonnam National University) Noh, Bong-Nam (Chonnam National University) |
1 | Z. Chen, X. Zhang, B. Xu, "A Degraded ILP Approach for Test Suite Reduction," Proceedings of the 20th International Conference on Software Engineering & Knowledge Engineering, pp. 494-499, Jul. 2008. |
2 | A. Takaken, J. D. Demott, C. Miller, FUZZING - for Software Security Testing and Quality Assurance, Artech House, 978-1-59693-214-2, 2008. |
3 | P. Amini, "Fuzzing Frameworks," Blackhat USA, Aug. 2007. |
4 | Pintool, "A Dynamic Binary Instrumentation Tool," http://pintool.org. |
5 | P. Godefroid, M.Y. Levin, D. Molnar, "Automated Whitebox Fuzz Testing," In Proceedings of Network and Distributed Systems Security, pp. 151-166, Feb. 2008. |
6 | P. Uhley, "Advanced Persistent Responses," CanSecWest, Mar. 2012. |
7 | C. Miller, Z.N.J. Peterson, "Analysis of Mutation and Generation-Based Fuzzing," Independent Security Evaluators, Mar. 2007. |
8 | fuzzing.info, http://fuzzing.info/papers. |
9 | CVE-2010-3654, "fuzz-my-life-flash-pla yer-zero-day-vulnerability-cve-2010-36 54," MITRE, 2010. |
10 | Microsoft Security Bulletin, "Microsoft Security Bulletin MS05-031," Jun. 2005. |
11 | A. Manion, M. Orlando, "Fuzz Testing for Dummies," Industrial Control Systems Joint Working Group Spring Meeting. May 2011. |
12 | WIKIPEDIA, "Fuzz testing," http://en.wikipedia. org/wiki/Fuzz_testing. |
13 | S. Yoo, M. Harman, "Regression testing minimization, selection and prioritization: a survey," Software Testing, Verification, and Reliability, vol. 22, pp. 67-120, Mar. 2010. |
14 | Jaeseo Lee, SuYong Kim, Young-Tae Yun, Kiwook Sohn, Yong-Min Kim, Bong-Nam Noh, "A New Measure for Test-Suite Noble Reduction under File Fuzzing," International Conference on Smart Convergence Technologies and Applications, pp. 80-82, Aug. 2012. |
15 | M. J. Harrold, R. Gupta, M. L. Soffa, "A Methodology for Controlling the Size of a Test Suite," ACM Transactions on Software Engineering and Methodology, vol. 2, no. 3, pp. 270-285, Jul. 1993. DOI |
16 | T. Y. Chen, M. F. Lau, "A new heuristic for test suite reduction," Information and Software Technology, vol. 40, pp. 347-354, 1998. DOI ScienceOn |
17 | S. Parsa, A. Khalilian, "On the Optimization Approach towards Test Suite Minimization," International Journal of Software Engineering and Its Applications, vol. 4, no. 1, pp. 15-28, Jan. 2010. |
18 | G. Rothermel, M. J. Harrold, J. Ronne, C. Hong, "Empirical Studies of Test-Suite Reduction," Software Testing, Verification, and Reliability, vol. 4, no. 2, pp. 219-249, Feb. 2002. |
19 | H. Zhong, L. Zhang, H. Mei, "An experimental study of four typical test suite reduction techniques," Information and Software Technology, vol. 50, pp. 534-546, 2008. DOI ScienceOn |
20 | N. Mansour, K. El-Falkin, "Simulated annealing and genetic algorithms for optimal regression testing," Journal of Software Maintenance, vol. 33, no. 4, pp. 225-237, 1999. |
21 | J. Black, E. Melachrinoudis and D. Kaeli, "Bi-criteria models for all-uses test suite reduction," Proceedings of 26th International Conference on Software Engineering, pp. 106-115, May 2004. |