Leveraging Textual Specifications for Grammar-Based Fuzzing of Network Protocols Conference Proceeding uri icon

Overview

abstract

  • Grammar-based fuzzing is a technique used to find software vulnerabilities by injecting well-formed inputs generated following rules that encode application semantics. Most grammar-based fuzzers for network protocols rely on human experts to manually specify these rules. In this work we study automated learning of protocol rules from textual specifications (i.e. RFCs). We evaluate the automatically extracted protocol rules by applying them to a state-of-the-art fuzzer for transport protocols and show that it leads to a smaller number of test cases while finding the same attacks as the system that uses manually specified rules.

publication date

  • July 17, 2019

has restriction

  • bronze

Date in CU Experts

  • January 30, 2024 9:06 AM

Full Author List

  • Jero S; Pacheco ML; Goldwasser D; Nita-Rotaru C

author count

  • 4

Other Profiles

International Standard Serial Number (ISSN)

  • 2159-5399

Electronic International Standard Serial Number (EISSN)

  • 2374-3468

Additional Document Info

start page

  • 9478

end page

  • 9483

volume

  • 33

issue

  • 01