Part IV: Semantical Fuzzing

This part introduces test generation techniques that take the semantics of the input into account, notably the behavior of the program that processes the input.

  • Grammar Mining shows how to extract an input grammar from a program by analyzing how individual parts of the input are processed. The resulting grammars can be directly used for fuzzing.

  • Symbolic Fuzzing analyzes program code and solves the path constraints it derives, in order to cover branches and behaviors that are hard to reach by random or grammar-based generation.

  • Tracking Information Flow shows how to track inputs throughout the program, in order to discover information leaks and further improve analysis techniques.

The content of this project is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. The source code that is part of the content, as well as the source code used to format and display that content, is licensed under the MIT License. Last change: 2019-04-29 17:10:26+02:00