Fuzzers for Stateful Systems: Survey and Research Directions
Cristian Daniele, Seyed Behnam Andarzian, Erik Poll
Abstract
Fuzzing is a very effective testing methodology to find bugs. In a nutshell, a fuzzer sends many slightly malformed messages to the software under test, hoping for crashes or incorrect system behaviour. The methodology is relatively simple, although applications that keep internal states are challenging to fuzz. The research community has responded to this challenge by developing fuzzers tailored to stateful systems, but a clear understanding of the variety of strategies is still missing. In this paper, we present the first taxonomy of fuzzers for stateful systems and provide a systematic comparison and classification of these fuzzers.
Topics & Concepts
Fuzz testingComputer scienceStateful firewallTaxonomy (biology)Variety (cybernetics)SoftwareMachine learningArtificial intelligenceProgramming languageComputer securityBotanyBiologyNetwork packetSoftware Testing and Debugging TechniquesSoftware Engineering ResearchAdvanced Malware Detection Techniques