Checksum-Aware Fuzzing Combined with Dynamic Taint Analysis and Symbolic Execution
2011
ACM Transactions on Privacy and Security
Fuzz testing has proven successful in finding security vulnerabilities in large programs. However, traditional fuzz testing tools have a well-known common drawback: they are ineffective if most generated inputs are rejected at the early stage of program running, especially when target programs employ checksum mechanisms to verify the integrity of inputs. This article presents TaintScope, an automatic fuzzing system using dynamic taint analysis and symbolic execution techniques, to tackle the
doi:10.1145/2019599.2019600
fatcat:7lxi63myd5hsfe7scxnxi5nouy