The Research and Application of the Variant Fuzz Testing Framework for Log Based on the Structured Data

2014 ◽  
Vol 602-605 ◽  
pp. 1749-1752
Author(s):  
Li Yuan Sun ◽  
Yan Mei Zhang
Keyword(s):  
Computer Program ◽  
Software Testing ◽  
Structured Data ◽  
Class Structure ◽  
Random Data ◽  
Testing Technique ◽  
Testing Framework ◽  
Design And Implementation ◽  
Fuzz Testing ◽  
Function Modules

Fuzz testing is a software testing technique,which provides invalid, unexpected, or random data to the inputs of a computer program to test the robustness and security of procedures[1]. For structured data like logging, the variant fuzz testing framework adopts a configuration file, apply traverse and stream processing to complete the structured fuzzing. This article starts with the features of the structured data, then introduces the design and implementation of the variant fuzz testing framework, including function modules, class structure, and logic processing. As a conclusion, this framework is compared with zzuf tool, and the advanced nature of this framework is elaborated.

CONFU

2012 ◽  
pp. 152-167
Author(s):  
Huning Dai ◽  
Christian Murphy ◽  
Gail E. Kaiser
Keyword(s):  
Case Studies ◽  
Software Security ◽  
Performance Evaluations ◽  
Testing Technique ◽  
Security Vulnerabilities ◽  
Testing Framework ◽  
Testing Methodology ◽  
Fuzz Testing ◽  
Runtime Environment ◽  
Semantic Validity

Many software security vulnerabilities only reveal themselves under certain conditions, that is, particular configurations and inputs together with a certain runtime environment. One approach to detecting these vulnerabilities is fuzz testing. However, typical fuzz testing makes no guarantees regarding the syntactic and semantic validity of the input, or of how much of the input space will be explored. To address these problems, the authors present a new testing methodology called Configuration Fuzzing. Configuration Fuzzing is a technique whereby the configuration of the running application is mutated at certain execution points to check for vulnerabilities that only arise in certain conditions. As the application runs in the deployment environment, this testing technique continuously fuzzes the configuration and checks “security invariants’’ that, if violated, indicate vulnerability. This paper discusses the approach and introduces a prototype framework called ConFu (CONfiguration FUzzing testing framework) for implementation. Additionally, the results of case studies that demonstrate the approach’s feasibility are presented along with performance evaluations.

scholarly journals CONFU

2010 ◽  
Vol 1 (3) ◽  
pp. 41-55 ◽  
Author(s):  
Huning Dai ◽  
Christian Murphy ◽  
Gail Kaiser
Keyword(s):  
Case Studies ◽  
Software Security ◽  
Performance Evaluations ◽  
Testing Technique ◽  
Security Vulnerabilities ◽  
Testing Framework ◽  
Testing Methodology ◽  
Fuzz Testing ◽  
Runtime Environment ◽  
Semantic Validity

Many software security vulnerabilities only reveal themselves under certain conditions, that is, particular configurations and inputs together with a certain runtime environment. One approach to detecting these vulnerabilities is fuzz testing. However, typical fuzz testing makes no guarantees regarding the syntactic and semantic validity of the input, or of how much of the input space will be explored. To address these problems, the authors present a new testing methodology called Configuration Fuzzing. Configuration Fuzzing is a technique whereby the configuration of the running application is mutated at certain execution points to check for vulnerabilities that only arise in certain conditions. As the application runs in the deployment environment, this testing technique continuously fuzzes the configuration and checks “security invariants’’ that, if violated, indicate vulnerability. This paper discusses the approach and introduces a prototype framework called ConFu (CONfiguration FUzzing testing framework) for implementation. Additionally, the results of case studies that demonstrate the approach’s feasibility are presented along with performance evaluations.

Design and Implementation of Backup Devices Management System

2013 ◽  
Vol 756-759 ◽  
pp. 1715-1719
Author(s):  
Hui Bo Song ◽  
Yong Wang ◽  
Kai Li ◽  
Mei Lin Liu ◽  
Bing Zhan Ma
Keyword(s):  
Management System ◽  
Architectural Design ◽  
Requirements Analysis ◽  
Management Mechanism ◽  
Device Management ◽  
Business Operation ◽  
Design And Implementation ◽  
Systems Implementation ◽  
Function Modules ◽  
Design Function

Nowadays, it is particularly important to improve the level of backup devices management for enterprises, because a reasonable management mechanism would ensure a business operation normally. The paper presents a backup device management system in detail, including requirements analysis, architectural design, function modules and implementation mechanism, which provides basis for systems implementation and application. The system we designed can manage backup devices dynamically, which gives support to the improvement and maintenance, and also provides more convenience for users.

On the Application of Automated Software Testing Techniques to the Development and Maintenance of Speech Recognition Systems

2012 ◽  
pp. 30-48
Author(s):  
Daniel Bolanos
Keyword(s):  
Speech Recognition ◽  
Software Testing ◽  
Automatic Speech Recognition ◽  
Automated Testing ◽  
Automated Software Testing ◽  
Testing Framework ◽  
Methods And Techniques ◽  
Testing Techniques ◽  
Recognition Systems ◽  
Automated Software

This chapter provides practitioners in the field with a set of guidelines to help them through the process of elaborating an adequate automated testing framework to competently test automatic speech recognition systems. Through this chapter the testing process of such a system is analyzed from different angles, and different methods and techniques are proposed that are well suited for this task.

Sign in / Sign up

Export Citation Format

Share Document