模糊测试理论及应用综述
首发时间:2018-02-09
摘要:模糊测试技术的产生已将近三十年,该技术在发现软件漏洞、保证软件质量方面有着十分重要的作用。模糊测试背后的关键思想是生成大量的测试用例并输入给被测程序,以触发被测程序中存在的问题。模糊测试从最初的黑盒测试发展成灰盒、白盒测试,在这一过程中逐步融合了诸如符号执行、污点分析、机器学习等的其他技术。本文对模糊测试的一般过程、分类、应用、存在问题做出了详细的归纳阐述,并对其未来发展方向做出了预测。
关键词: 计算机软件与理论 模糊测试 漏洞检测 测试用例生成 模糊测试工具
For information in English, please click here
Summary of the Theory and Application of Fuzzing
Abstract:Fuzzing has been proposed for about thirty years. This technique plays a crucial role in detecting software venerability and ensuring software quality. The key idea behind fuzzing is to generate plenty of test cases and feed them to the target program in order to trigger bug-inducing code fragments. Originating from black-box testing, fuzzing gradually developed into gray-box and white-box testing. During this process, it mixed lots of other techniques, including symbolic execution, taint analysis, machine learning, etc. In this paper, we summarize the general process, classification, application and existing problems of fuzzing in detail. Besides, we also make prediction for the future research directions of fuzzing.
Keywords: Computer Software and Theory Fuzzing Bug Detection Test Case Generation Fuzzer
基金:
引用
No.****
动态公开评议
共计0人参与
勘误表
模糊测试理论及应用综述
评论
全部评论0/1000