AutoFuzz: Automated Network Protocol Fuzzing Framework

Assessing software security involves steps such as code review, risk analysis, penetration testing and fuzzing. During the fuzzing phase, the testeras goal is to find flaws in software by sending unexpected input to the target application and monitoring its behavior. In this paper, the authors introduce the AutoFuzz - extendable, open source framework used for testing network protocol implementations. AutoFuzz is a "Smart", man-in-the-middle, semi-deterministic network protocol fuzzing framework. AutoFuzz learns a protocol implementation by constructing a Finite State Automaton (FSA) which captures the observed communications between a client and a server.

Provided by: University of Toronto Topic: Security Date Added: Aug 2010 Format: PDF

Find By Topic