Добірка наукової літератури з теми "Security, Fuzzing"
Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями
Ознайомтеся зі списками актуальних статей, книг, дисертацій, тез та інших наукових джерел на тему "Security, Fuzzing".
Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.
Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.
Статті в журналах з теми "Security, Fuzzing"
Wu, Xiao Lei. "Research on Network Security Algorithm Based on ZigBee Technology." Applied Mechanics and Materials 608-609 (October 2014): 503–6. http://dx.doi.org/10.4028/www.scientific.net/amm.608-609.503.
Повний текст джерелаSharkov, Ivan Vladimirovich, Vartan Andronikovich Padaryan, and Petr Vladimirovich Khenkin. "Features of fuzzing network interfaces without source codes." Proceedings of the Institute for System Programming of the RAS 33, no. 4 (2021): 211–26. http://dx.doi.org/10.15514/ispras-2021-33(4)-15.
Повний текст джерелаSong, Congxi, Xu Zhou, Qidi Yin, Xinglu He, Hangwei Zhang, and Kai Lu. "P-Fuzz: A Parallel Grey-Box Fuzzing Framework." Applied Sciences 9, no. 23 (November 25, 2019): 5100. http://dx.doi.org/10.3390/app9235100.
Повний текст джерелаVishnyakov, Alexey, Eli Kobrin, and Andrey Fedotov. "Error detection in binary code with dynamic symbolic execution." Proceedings of the Institute for System Programming of the RAS 34, no. 2 (2022): 25–42. http://dx.doi.org/10.15514/ispras-2022-34(2)-3.
Повний текст джерелаLi, Tong, Xuan Huang, and Rui Huang. "Research on Software Security Vulnerability Discovery Based on Fuzzing." Applied Mechanics and Materials 635-637 (September 2014): 1609–13. http://dx.doi.org/10.4028/www.scientific.net/amm.635-637.1609.
Повний текст джерелаHernández Ramos, Santiago, M. Teresa Villalba, and Raquel Lacuesta. "MQTT Security: A Novel Fuzzing Approach." Wireless Communications and Mobile Computing 2018 (2018): 1–11. http://dx.doi.org/10.1155/2018/8261746.
Повний текст джерелаSimon, Frank, and Daniel Simon. "Fuzzing: Testing Security in Maintenance Projects." Softwaretechnik-Trends 32, no. 2 (May 2012): 61–62. http://dx.doi.org/10.1007/bf03323481.
Повний текст джерелаGodefroid, Patrice, Michael Y. Levin, and David Molnar. "SAGE: Whitebox Fuzzing for Security Testing." Queue 10, no. 1 (January 2012): 20–27. http://dx.doi.org/10.1145/2090147.2094081.
Повний текст джерелаGao, Yifei, Xu Zhou, Wei Xie, Baosheng Wang, Enze Wang, and Zhenhua Wang. "Optimizing IoT Web Fuzzing by Firmware Infomation Mining." Applied Sciences 12, no. 13 (June 24, 2022): 6429. http://dx.doi.org/10.3390/app12136429.
Повний текст джерелаQu, Sheng, Zheng Zhang, Bolin Ma, and Yuwen Shao. "Optimization Method of Web Fuzzy Test Cases Based on Genetic Algorithm." Journal of Physics: Conference Series 2078, no. 1 (November 1, 2021): 012015. http://dx.doi.org/10.1088/1742-6596/2078/1/012015.
Повний текст джерелаДисертації з теми "Security, Fuzzing"
Sayed, Shereef. "Black-Box Fuzzing of the REDHAWK Software Communications Architecture." Thesis, Virginia Tech, 2015. http://hdl.handle.net/10919/54566.
Повний текст джерелаMaster of Science
Sletmo, Patrik. "Introducing probabilities within grey-box fuzzing." Thesis, Linköpings universitet, Databas och informationsteknik, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-161893.
Повний текст джерелаMcDonough, Kenton Robert. "Torpedo: A Fuzzing Framework for Discovering Adversarial Container Workloads." Thesis, Virginia Tech, 2021. http://hdl.handle.net/10919/104159.
Повний текст джерелаMaster of Science
Over the last decade, container technology has fundamentally changed the landscape of commercial cloud computing services. By abstracting away many of the system details required to deploy software, developers can rapidly prototype, deploy, and take advantage of massive distributed frameworks when deploying new software products. These paradigms are supported with corresponding business models offered by cloud providers, who allocate space on powerful physical hardware among many potentially competing services. Unfortunately, recent work has shown that the isolation guarantees provided by containers are not absolute. Due to inconsistencies in the way containers have been implemented by the Linux kernel, there exist vulnerabilities that allow containerized programs to generate "out of band" workloads and negatively impact the performance of other containers. In general, these vulnerabilities are difficult to identify, but can be very severe. In this work, we present TORPEDO, a set of modifications to the SYZKALLER fuzzing framework that creates containerized workloads and searches for programs that negatively impact other containers. TORPEDO uses a novel technique that combines resource monitoring with code coverage approximations, and initial testing on common container software has revealed new interesting vulnerabilities and bugs.
Dutta, Rahul Kumar. "A Framework for Software Security Testing and Evaluation." Thesis, Linköpings universitet, Institutionen för datavetenskap, 2015. http://urn.kb.se/resolve?urn=urn:nbn:se:liu:diva-121645.
Повний текст джерелаDuchene, Fabien. "Detection of web vulnerabilities via model inference assisted evolutionary fuzzing." Thesis, Grenoble, 2014. http://www.theses.fr/2014GRENM022/document.
Повний текст джерелаTesting is a viable approach for detecting implementation bugs which have a security impact, a.k.a. vulnerabilities. When the source code is not available, it is necessary to use black-box testing techniques. We address the problem of automatically detecting a certain class of vulnerabilities (Cross Site Scripting a.k.a. XSS) in web applications in a black-box test context. We propose an approach for inferring models of web applications and fuzzing from such models and an attack grammar. We infer control plus taint flow automata, from which we produce slices, which narrow the fuzzing search space. Genetic algorithms are then used to schedule the malicious inputs which are sent to the application. We incorporate a test verdict by performing a double taint inference on the browser parse tree and combining this with taint aware vulnerability patterns. Our implementations LigRE and KameleonFuzz outperform current open-source black-box scanners. We discovered 0-day XSS (i.e., previously unknown vulnerabilities) in web applications used by millions of users
Huang, Jin. "Detecting Server-Side Web Applications with Unrestricted File Upload Vulnerabilities." Wright State University / OhioLINK, 2021. http://rave.ohiolink.edu/etdc/view?acc_num=wright163007760528389.
Повний текст джерелаLone, Sang Fernand. "Protection des systèmes informatiques contre les attaques par entrées-sorties." Phd thesis, INSA de Toulouse, 2012. http://tel.archives-ouvertes.fr/tel-00863020.
Повний текст джерелаPotnuru, Srinath. "Fuzzing Radio Resource Control messages in 5G and LTE systems : To test telecommunication systems with ASN.1 grammar rules based adaptive fuzzer." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-294140.
Повний текст джерела5G-telekommunikationssystem måste vara extremt tillförlitliga för att möta behoven för den kommande utvecklingen inom kommunikation. Systemen som används måste testas noggrant och måste överensstämma med deras standarder. Programvara och nätverksprotokoll testas ofta med tekniker som fuzzing, penetrationstest, kodgranskning, testning av överensstämmelse. Med fuzzing kan testare skicka utformade input för att övervaka System Under Test (SUT) för ett svar. 3GPP, standardiseringsorganet för telekomsystemet, producerar ofta nya versioner av specifikationer för att möta kraven och bristerna från tidigare utgåvor. Detta leder till många versioner av specifikationer för ett nätverksprotokoll som Radio Resource Control (RRC) och testare behöver ständigt uppdatera testverktygen och testmiljön. I detta arbete visar vi att genom att använda den generiska karaktären av RRC-specifikationer, som ges i beskrivningsspråket Abstract Syntax Notation One (ASN.1), kan man designa ett testverktyg för att anpassa sig till alla versioner av 3GPP-specifikationer. Detta uppsatsarbete introducerar en ASN.1-baserad adaptiv fuzzer som kan användas för att testa RRC och andra nätverksprotokoll baserat på ASN.1- beskrivningsspråk. Fuzzer extraherar kunskap om pågående RRC meddelanden med användning av protokollbeskrivningsfiler för RRC, dvs RRC ASN.1 schema från 3GPP, och använder kunskapen för att fuzz RRC meddelanden. Den adaptiva fuzzer identifierar enskilda fält, delmeddelanden och anpassade datatyper enligt specifikationer när innehållet i befintliga meddelanden muteras. Dessutom har den adaptiva fuzzer identifierat en tidigare oidentifierad sårbarhet i Evolved Packet Core (EPC) för srsLTE och openLTE, två opensource LTE-implementeringar, vilket bekräftar tillämpligheten för robusthetsprovning av RRC och andra nätverksprotokoll.
Ahmad, Abbas. "Model-Based Testing for IoT Systems : Methods and tools." Thesis, Bourgogne Franche-Comté, 2018. http://www.theses.fr/2018UBFCD008/document.
Повний текст джерелаThe Internet of Things (IoT) is nowadays globally a mean of innovation and transformation for many companies. Applications extend to a large number of domains, such as smart cities, smart homes, healthcare, etc. The Gartner Group estimates an increase up to 21 billion connected things by 2020. The large span of "things" introduces problematic aspects, such as conformance and interoperability due to the heterogeneity of communication protocols and the lack of a globally-accepted standard. The large span of usages introduces problems regarding secure deployments and scalability of the network over large-scale infrastructures. This thesis deals with the problem of the validation of the Internet of Things to meet the challenges of IoT systems. For that, we propose an approach using the generation of tests from models (MBT). We have confronted this approach through multiple experiments using real systems thanks to our participation in international projects. The important effort which is needed to be placed on the testing aspects reminds every IoT system developer that doing nothing is more expensive later on than doing it on the go
(10746420), Hui Peng. "FUZZING HARD-TO-COVER CODE." Thesis, 2021.
Знайти повний текст джерелаКниги з теми "Security, Fuzzing"
Takanen, Ari. Fuzzing for software security testing and quality assurance. Norwood, MA: Artech House, 2008.
Знайти повний текст джерелаFuzzing: Brute Force Vulnerability Discovery. Addison-Wesley Professional, 2007.
Знайти повний текст джерелаMichael, Sutton, Adam Greene, and Pedram Amini. Fuzzing: Brute Force Vulnerabiltiy Discovery. Pearson Education, Limited, 2007.
Знайти повний текст джерелаAri Takanen;Jared D. Demott;Charles Miller. Fuzzing for Software Security Testing and Quality Assurance. Artech House, 2018.
Знайти повний текст джерелаЧастини книг з теми "Security, Fuzzing"
Li, Xiaoting, Xiao Liu, Lingwei Chen, Rupesh Prajapati, and Dinghao Wu. "FuzzBoost: Reinforcement Compiler Fuzzing." In Information and Communications Security, 359–75. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-15777-6_20.
Повний текст джерелаTakanen, Ari. "Proactive Security Testing and Fuzzing." In ISSE 2009 Securing Electronic Business Processes, 312–19. Wiesbaden: Vieweg+Teubner, 2010. http://dx.doi.org/10.1007/978-3-8348-9363-5_31.
Повний текст джерелаAl Sardy, Loui, Andreas Neubaum, Francesca Saglietti, and Daniel Rudrich. "Comparative Evaluation of Security Fuzzing Approaches." In Lecture Notes in Computer Science, 49–61. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-26250-1_4.
Повний текст джерелаShin, MinSik, JungBeen Yu, YoungJin Yoon, and Taekyoung Kwon. "The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons." In ICT Systems Security and Privacy Protection, 219–32. Cham: Springer International Publishing, 2017. http://dx.doi.org/10.1007/978-3-319-58469-0_15.
Повний текст джерелаOuairy, Léopold, Hélène Le-Bouder, and Jean-Louis Lanet. "Protection of Systems Against Fuzzing Attacks." In Foundations and Practice of Security, 156–72. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-18419-3_11.
Повний текст джерелаvan Rooij, Orpheas, Marcos Antonios Charalambous, Demetris Kaizer, Michalis Papaevripides, and Elias Athanasopoulos. "webFuzz: Grey-Box Fuzzing for Web Applications." In Computer Security – ESORICS 2021, 152–72. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-88418-5_8.
Повний текст джерелаShudrak, Maksim O., and Vyacheslav V. Zolotarev. "Improving Fuzzing Using Software Complexity Metrics." In Information Security and Cryptology - ICISC 2015, 246–61. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-30840-1_16.
Повний текст джерелаKim, Hyuntae, Seongil Wi, Hyunjoo Lee, and Sooel Son. "FSF: Code Coverage-Driven Fuzzing for Software-Defined Networking." In Information Security Applications, 41–54. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-39303-8_4.
Повний текст джерелаFan, Rong, and Yaoyao Chang. "Machine Learning for Black-Box Fuzzing of Network Protocols." In Information and Communications Security, 621–32. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-319-89500-0_53.
Повний текст джерелаVinçont, Yaëlle, Sébastien Bardin, and Michaël Marcozzi. "A Tight Integration of Symbolic Execution and Fuzzing (Short Paper)." In Foundations and Practice of Security, 303–10. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-08147-7_20.
Повний текст джерелаТези доповідей конференцій з теми "Security, Fuzzing"
Smith, Christopher, and Guillermo Francia. "Security fuzzing toolset." In the 50th Annual Southeast Regional Conference. New York, New York, USA: ACM Press, 2012. http://dx.doi.org/10.1145/2184512.2184589.
Повний текст джерелаBottinger, Konstantin, Patrice Godefroid, and Rishabh Singh. "Deep Reinforcement Fuzzing." In 2018 IEEE Security and Privacy Workshops (SPW). IEEE, 2018. http://dx.doi.org/10.1109/spw.2018.00026.
Повний текст джерелаNagy, Stefan, and Matthew Hicks. "Full-Speed Fuzzing: Reducing Fuzzing Overhead through Coverage-Guided Tracing." In 2019 IEEE Symposium on Security and Privacy (SP). IEEE, 2019. http://dx.doi.org/10.1109/sp.2019.00069.
Повний текст джерелаGelderie, Marcus, Valentin Barth, Maximilian Luff, and Julian Birami. "Seccomp Filters from Fuzzing." In 19th International Conference on Security and Cryptography. SCITEPRESS - Science and Technology Publications, 2022. http://dx.doi.org/10.5220/0011145100003283.
Повний текст джерелаBöhme, Marcel, Van-Thuan Pham, Manh-Dung Nguyen, and Abhik Roychoudhury. "Directed Greybox Fuzzing." In CCS '17: 2017 ACM SIGSAC Conference on Computer and Communications Security. New York, NY, USA: ACM, 2017. http://dx.doi.org/10.1145/3133956.3134020.
Повний текст джерелаZhu, Xiaogang, and Marcel Böhme. "Regression Greybox Fuzzing." In CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security. New York, NY, USA: ACM, 2021. http://dx.doi.org/10.1145/3460120.3484596.
Повний текст джерелаKim, Hyoungchun, Younghan Choi, Dohoon Lee, and Donghoon Lee. "Practical Security Testing using File Fuzzing." In 2008 10th International Conference on Advanced Communication Technology. IEEE, 2008. http://dx.doi.org/10.1109/icact.2008.4494003.
Повний текст джерелаCha, Sang Kil, Maverick Woo, and David Brumley. "Program-Adaptive Mutational Fuzzing." In 2015 IEEE Symposium on Security and Privacy (SP). IEEE, 2015. http://dx.doi.org/10.1109/sp.2015.50.
Повний текст джерелаGan, Shuitao, Chao Zhang, Xiaojun Qin, Xuwen Tu, Kang Li, Zhongyu Pei, and Zuoning Chen. "CollAFL: Path Sensitive Fuzzing." In 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 2018. http://dx.doi.org/10.1109/sp.2018.00040.
Повний текст джерелаRawat, Sanjay, Vivek Jain, Ashish Kumar, Lucian Cojocar, Cristiano Giuffrida, and Herbert Bos. "VUzzer: Application-aware Evolutionary Fuzzing." In Network and Distributed System Security Symposium. Reston, VA: Internet Society, 2017. http://dx.doi.org/10.14722/ndss.2017.23404.
Повний текст джерелаЗвіти організацій з теми "Security, Fuzzing"
Ruthruff, Joseph R., Robert C. Armstrong, Benjamin Garry Davis, Jackson R. Mayo, and Ratish J. Punnoose. Leveraging Formal Methods and Fuzzing to Verify Security and Reliability Properties of Large-Scale High-Consequence Systems. Office of Scientific and Technical Information (OSTI), September 2012. http://dx.doi.org/10.2172/1117263.
Повний текст джерела