Fuzzing

From Rice Wiki
Revision as of 19:09, 17 June 2024 by Rice


Fuzzing is a testing technique in which randomly generated inputs are fed to a software program to probe for unintended behaviors.

Principle

Fuzzing is generally split into 4 steps: seed initialization, seed selection, mutation, and execution.

Seed initialization provides the initial input (the seed) to the fuzzing program. A seed can be random or human-designed to induce a specific behavior.

Seed selection follows seed initialization. After a pool of seeds has accumulated, the seed selection algorithm picks one. The choice can be arbitrary or made with intent (as in AFL, where seeds more likely to cause untested behaviors are selected).

After a seed is selected, it is mutated into a new input.

The mutated input is then executed on the program.
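
The four steps as a minimal loop, added here as an illustration and not taken from the cited source. The target function, the branch names, the seed weights and the one-byte mutation operators are all constructed for the example; favoring seeds that reached new branches is a simplified stand-in for intent-driven selection, not AFL's actual algorithm.

```python
import random

def target(data: bytes, cov: set) -> None:
    """Constructed toy program under test; records which branches ran."""
    cov.add("entry")
    if data[:1] == b"F":
        cov.add("F")
        if data[1:2] == b"U":
            cov.add("FU")
            if data[2:3] == b"Z":
                raise ValueError("unintended behavior reached")

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Mutation: overwrite, insert, or delete one random byte."""
    buf = bytearray(seed)
    op = rng.choice(("overwrite", "insert", "delete"))
    pos = rng.randrange(len(buf)) if buf else 0
    if op == "overwrite" and buf:
        buf[pos] = rng.randrange(256)
    elif op == "insert" or not buf:
        buf.insert(pos, rng.randrange(256))
    elif len(buf) > 1:
        del buf[pos]
    return bytes(buf)

def fuzz(initial_seeds, max_execs=200_000, rng_seed=1):
    """Return (input that triggered the bug or None, executions used)."""
    rng = random.Random(rng_seed)
    pool = list(initial_seeds)       # 1. seed initialization
    weights = [1] * len(pool)        # assumed weighting: 1 = ordinary seed
    seen = set()                     # branches reached so far
    for execs in range(1, max_execs + 1):
        seed = rng.choices(pool, weights)[0]   # 2. seed selection
        candidate = mutate(seed, rng)          # 3. mutation
        cov = set()
        try:
            target(candidate, cov)             # 4. execution
        except ValueError:
            return candidate, execs
        if not cov <= seen:          # reached something new: keep and favor it
            seen |= cov
            pool.append(candidate)
            weights.append(8)        # assumed weighting: 8 = favored seed
    return None, max_execs

if __name__ == "__main__":
    print(fuzz([b"AAAA"]))
```

Because inputs that reach a new branch are fed back into the pool, the three-byte condition is solved one byte at a time instead of requiring a single lucky mutation.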

Sources

2309.10253v2_gpt-fuzzer