Abstract
Fuzz testing is a software testing technique that has risen to prominence over the past two decades. The unifying feature of all fuzz testers (fuzzers) is their ability to somehow automatically produce random test cases for software. Fuzzers can generally be placed in one of two classes: black-box or white-box. Blackbox fuzzers do not derive information from a program's source or binary in order to restrict the domain of their generated input while white-box fuzzers do. A tradeoff involved in the choice between blackbox and whitebox fuzzing is the rate at which inputs can be produced; since blackbox fuzzers need not do any "thinking" about the software under test to generate inputs, blackbox fuzzers can generate more inputs per unit time if all other factors are equal. The question of how blackbox and whitebox fuzzing should be used together for ideal economy of software testing has been posed and even speculated about, however, to my knowledge, no publically available study with the intent of characterizing an answer exists. The purpose of this thesis is to provide an initial exploration of the bug-finding characteristics of blackbox and whitebox fuzzers. A blackbox fuzzer is implemented and extended with a concolic execution program to make it whitebox. Both versions of the fuzzer are then used to run tests on some small programs and some parts of a file compression library.
Notes
If this is your Honors thesis, and want to learn how to access it or for more information about readership statistics, contact us at STARS@ucf.edu
Thesis Completion
2013
Semester
Spring
Advisor
Guha, Ratan
Degree
Bachelor of Science (B.S.)
College
College of Engineering and Computer Science
Degree Program
Electrical Engineering and Computer Science
Subjects
Dissertations, Academic -- Engineering and Computer Science;Engineering and Computer Science -- Dissertations, Academic
Format
Identifier
CFH0004463
Language
English
Access Status
Open Access
Length of Campus-only Access
None
Document Type
Honors in the Major Thesis
Recommended Citation
Tobkin, Toby, "Implementation and testing of a blackbox and a whitebox fuzzer for file compression routines" (2013). HIM 1990-2015. 1475.
https://stars.library.ucf.edu/honorstheses1990-2015/1475