search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Probability-Based Parameter Selection for Black-Box Fuzz Testing

Technical Note
By
In this report, the authors describe an algorithm for automating the selection of seed files and other parameters used in black-box fuzz testing.
Publisher

Software Engineering Institute

CMU/SEI Report Number
CMU/SEI-2012-TN-019
DOI (Digital Object Identifier)
10.1184/R1/6582245.v1
Subjects

Abstract

Dynamic, randomized-input functional testing, or black-box fuzz testing, is an effective technique for finding security vulnerabilities in software applications. Parameters for an invocation of black-box fuzz testing generally include known-good input to use as a basis for randomization (i.e., a seed file) and a specification of how much of the seed file to randomize (i.e., the range). This report describes an algorithm that applies basic statistical theory to the parameter selection problem and automates selection of seed files and ranges. This algorithm was implemented in an open-source, file-interface testing tool and was used to find and mitigate vulnerabilities in several software applications. This report generalizes the parameter selection problem, explains the algorithm, and analyzes empirical data collected from the implementation. Results of using the algorithm show a marked improvement in the efficiency of discovering unique application errors over basic parameter selection techniques.

SHARE
Download PDF
Cite This Technical Note

Householder, A., & Foote, J. (2012, August 1). Probability-Based Parameter Selection for Black-Box Fuzz Testing. (Technical Note CMU/SEI-2012-TN-019). Retrieved April 18, 2024, from https://doi.org/10.1184/R1/6582245.v1.

@techreport{householder_2012,
author={Householder, Allen and Foote, Jonathan},
title={Probability-Based Parameter Selection for Black-Box Fuzz Testing},
month={Aug},
year={2012},
number={CMU/SEI-2012-TN-019},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6582245.v1},
note={Accessed: 2024-Apr-18}
}

Householder, Allen, and Jonathan Foote. "Probability-Based Parameter Selection for Black-Box Fuzz Testing." (CMU/SEI-2012-TN-019). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, August 1, 2012. https://doi.org/10.1184/R1/6582245.v1.

A. Householder, and J. Foote, "Probability-Based Parameter Selection for Black-Box Fuzz Testing," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2012-TN-019, 1-Aug-2012 [Online]. Available: https://doi.org/10.1184/R1/6582245.v1. [Accessed: 18-Apr-2024].

Householder, Allen, and Jonathan Foote. "Probability-Based Parameter Selection for Black-Box Fuzz Testing." (Technical Note CMU/SEI-2012-TN-019). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Aug. 2012. https://doi.org/10.1184/R1/6582245.v1. Accessed 18 Apr. 2024.

Householder, Allen; & Foote, Jonathan. Probability-Based Parameter Selection for Black-Box Fuzz Testing. CMU/SEI-2012-TN-019. Software Engineering Institute. 2012. https://doi.org/10.1184/R1/6582245.v1

Ask a question about this Technical Note