Carlos Pacheco, Shuvendu K. Lahiri, Michael D. Ernst, and Thomas
Ball. “Feedback-directed random test generation”. In
International Conference on Software Engineering (ICSE), pages
75–84, Minneapolis, MN, USA, May 2007.
[IEEE]
Vijay Ganesh, Tim Leek, and Martin C. Rinard. “Taint-based
directed whitebox fuzzing”. In International Conference on
Software Engineering (ICSE), pages 474–484, Vancouver, BC,
Canada, May 2009.
[IEEE]
Question: The Pacheco et al. Randoop paper (first reading) is somewhat atypical among papers I've picked for this course in that it doesn't explicitly mention a security application. However, you can probably guess that I think this technique could be used for generating tests related to security. Outline a specific security application of this technology that you think would work well: i.e., give a class of subject programs and a class of security problems that tests generated with this approach would help reveal.
Barton P. Miller, Lars Fredriksen, and Bryan So. “An empirical
study of the reliability of UNIX utilities”. Communications
of the ACM, 33(12):32–44, 1990.
[ACM]
The original meaning of "fuzz testing" was to supply completely random binary data to programs, an approach that at the time was already good at revealing bugs. The term was later reused for the related approach of making random modifications to realistic benign inputs.